Privacy Policy

Last Updated: August 27, 2025

At Certify Global Inc (“Certify”, “we”, “our”, “us”), your privacy is important.  

This Privacy Policy describes the personally identifiable information (“personal information”) that me may collect via our interactions with you across various platforms, including the below (collectively the “Services”): 

  • Website: This includes any interaction you have with our informational websites and any associated mobile applications (“Website”). 
  • Events: When you attend events such as or trade shows, webinars, and others where we participate or present, we may collect personal information from and about you. 
  • Phone, Text, Chat and Email Communications: Personal information may be collected when you communicate with us via phone, text, chat, or email, such as call logs, email addresses, and the content of the communications. 
  • Online Advertisements and Emails: If you view our online ads or emails, we may collect information about your interaction with these communications, such as click-through rates and preferences. 
  • Authorized Service Providers: We may also collect information through third-party service providers who are authorized to act on our behalf, including marketing firms and payment processors. 

This Privacy Policy does not apply to the information that our healthcare partners choose to manage, upload, and store in our Services (“Partner Content”) for which we are a service provider/processor/business associate, including information obtained from or about a consumer or patient via use of our FaceCheck and patient services offered on behalf of such healthcare partner.  In those circumstances, we process and/or host Partner Content on behalf of a business partner and that business partner is responsible for the collection and use of all Partner Content, including all necessary consents related to such Partner Content. The respective business partner’s privacy notice will apply to the business partner’s collection and use of such Partner Content and questions regarding such notice should be directed to such business partner.  

If you do not agree to the terms and conditions of this Privacy Policy, then please do not provide us with your personal information and do not access or use the Services.  By using our services, you agree to the terms outlined in this Privacy Policy.  If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us. 

CHANGES TO PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes to our privacy practices, and when we do, we will update the “Last Updated” date at the top of the Privacy Policy. If we make material changes, we will provide prominent notice (such as through a notice or banner or, where feasible, via email). Your continued use of the Website and Services after the “Last Updated” date constitutes your acceptance of the changes. If you do not agree to the changes, you should immediately stop using our Services.

COLLECTION OF PERSONAL INFORMATION

As further described below, we collect personal information directly from you and from other, third-party sources. To the extent permitted by applicable law, we may combine the information we collect from you with publicly available or data we receive from a third party. 

Personal Information We Collect Directly From You. While the personal information we collect varies depending upon your use of the Website and Services and our interactions with you, in general, we may collect the following personal information directly from you: 

  • Contact Information. When you contact us, we collect your name, email address, phone number, and other contact information you choose to provide. 
  • Account Information. When you register for or update an account, we collect your name, email address, postal address, username, password, and other details necessary to access and manage your account. 
  • Employment Information.  When you register for the Services on behalf of your employer, we may collect information regarding your employment.   
  • Communications and Interactions. When you send email, call, or otherwise communicate with us and with members of our team, we collect and maintain a record of your contact details, communications, and our responses. 
  • Responses and Feedback. If you participate in our surveys or questionnaires, we collect your responses and feedback, such as user satisfaction or other information related to your use of the Services, and any other information you so choose to provide. 
  • Marketing. We collect your email, name, phone number, and preferences. 
  • Payment Information.  If payment is required, you may be asked to provide billing details such as financial or bank account information.  

Personal Information We Collect from Other Sources. In addition, we may collect and receive certain personal information from third-parties. As permitted by applicable law, we may combine this information with other personal information within our possession.   

Some of the Services allow you to provide us with personal information relating to other parties (collectively, “Third-Party Data”). 

If you use any feature of the Services that allows you to submit Third-Party Data or access Third-Party Data in your possession or on your behalf, such as a parent coordinating services for a minor dependent, you acknowledge, represent, and agree (a) that you have the authority of the relevant other party for us to access and use the relevant Third-Party Data, and (b) that you have notified these other parties and informed them how their information is collected and used by us to provide the Services. 

We reserve the right to identify you as the person who has provided this information in any messages that are sent to other parties. We use Third-Party Data to (a) contact such party using the Third-Party Data provided, and/or (b) provide the Services. We may also send reminders or related messages to you and to other parties on your behalf from time to time, as and where permitted by applicable law. 

USE OF PERSONAL INFORMATION.

We may use the personal information we collect in various ways, including to: 

  • Provide, operate, and manage the Services, including but not limited to facilitating patient intake, check-in and scheduling. 
  • Transaction Management. To manage transactions, such as tracking and processing payments. 
  • Services and Support. To allow you to maintain your account with us, provide and operate the Website, communicate with you about your use of the Services, respond to your inquiries, and to otherwise run our day-to-day operations. 
  • Analytics and Improvement. To better understand how users access and use the Services, and for other research and analytical purposes, to develop the Services and its features, and for internal quality control and training purposes. 
  • Communicate With You. To respond to your inquiries, send you requested materials and newsletters, as well as information and materials regarding the Services and offerings. We also use this information to send administrative information to you, for example, information regarding the Services and changes to our terms, conditions, and policies. 
  • Marketing and Promotions. For marketing and promotional purposes. For example, to send you information about the Services, such as newsletters and other marketing content that you sign up to receive.  If you do not wish to receive promotional e-mails from us, you may opt out at any time by following the unsubscribe directions in the email or contactins us.  If you opt out of a promotional e-mail, we may still send you transactional and administrative emails about this privacy notice or about the products or services you have purchased. 
  • Research, Development, and Surveys. To administer surveys and questionnaires, such as for market research or user satisfaction purposes and to develop new products and services, including market analysis and product testing. 
  • Security and Protection of Rights. To protect the Services and our business operations, and to protect our rights or those of our stakeholders; to prevent and detect fraud, unauthorized activities and access, and other misuse; where we believe necessary to investigate, prevent or act regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of our Terms of Use.  
  • Compliance and Legal Process. To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority. 
  • Auditing, Reporting, and Other Internal Operations. To conduct financial, tax, and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions, and to maintain appropriate business records and enforce company policies and procedures. 
  • General Business and Operational Support. To assess and implement mergers, acquisitions, reorganizations, bankruptcies, and other business transactions such as financings, and to administer our business, accounting, auditing, compliance, recordkeeping, and legal functions. 
DISCLOSURES OF PERSONAL INFORMATION

We may share your personal information for the purposes described above and as follows: 

  • Affiliates and Subsidiaries. We may disclose the personal information we collect to our corporate affiliates and subsidiaries.  
  • Vendors and Service Providers. We may disclose the personal information we collect to service providers who perform functions on our behalf, such as IT and website hosting, marketing, and marketing research providers, customer support, data storage, analysis and processing providers, auditors, consultants, and legal counsel. 
  • Business Partners, Including Advertising Partners and Analytics & Marketing Partners. We may also disclose your personal information, including name and email address, to marketing and advertising networks, data analytics providers, and other companies who provide marketing or analytics services on our behalf.  
  • Financial Partners: If using our payment system, we will provide your information to our financial partners, including FiServ and Wells Fargo to facilitate the transaction.  
  • In Support of Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may disclose or transfer the personal information we have collected from you with or to the other company. We may also disclose certain personal information as necessary prior to the completion of such a transaction or other corporate transactions such as a financing or restructuring, to lenders, auditors, and third-party advisors, including attorneys and consultants. 
  • Compliance and Legal Obligations. To comply with our legal and compliance obligations and to respond to the legal process. For example, we may disclose information in response to subpoenas, court orders, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements. The disclosure of personal information to third parties to comply with valid legal demands for such information is governed by Certify  Government Disclosures Policy. 
  • Security and Protection of Rights. Where we believe doing so is necessary to protect us, our rights and property, or the rights, property, and safety of others. We may also disclose personal information related to litigation and other legal claims or proceedings in which we are involved, as well as for our internal accounting, auditing, compliance, recordkeeping, and legal functions. 
  • Aggregate and Deidentified Information. Notwithstanding anything else in this Privacy Policy, we may use, disclose, and otherwise process aggregate and deidentified information related to our business and the Services with third parties for quality control, analytics, research, development, and other purposes.  
  • Other Disclosures. We may disclose personal information in other ways not described above, but will notify you and, if necessary, obtain your consent. 
DO NOT TRACK

Currently, the Website does not recognize all “Do-Not-Track” requests. You may, however, disable certain tracking by disabling cookies. If our site detects that your browser or device is transmitting an opt-out preference signal, such as the “global privacy control”—or GPC — signal, we will opt that browser or device out of the use of cookies or other tools on our site that result in a “sale” or “sharing” or use for targeted advertising of your personal information. If you come to our site from a different device or from a different browser on the same device, or if you clear your cookies, you will need to opt-out again, or use an opt-out preference signal, for that browser and/or device as well. 

DESTRUCTION OF PERSONAL INFORMATION

Personal information is retained no longer than necessary to fulfill the purposes set out in this Privacy Policy, unless a longer retention period is required (such as under applicable contracts with clients or business partners) or permitted by law (such as tax, accounting, or other legal requirements).

SECURITY

Certify Health takes reasonable steps to prevent destruction, alteration, disclosure, misuse, and unauthorized access to your personal information. Unfortunately, no security system can be guaranteed to be 100% secure. Accordingly, we cannot guarantee the security of your information and cannot assume liability for improper access to it.

CHILDREN

We do not knowingly collect personal information from children under the age of 13 without parental consent.  If we learn that we have collected the personal information of a child under the age of 13 without parental consent, we will take steps to delete the information as soon as possible.

LINKS TO OTHER WEBSITES

For your convenience, we may provide links to other websites and web pages that we do not control. We cannot be responsible for the privacy practices of any websites or pages not under our control and we do not endorse any of these websites or pages, the services or products described or offered on such sites or pages, or any of the content contained on those sites or pages.

UNITED STATES PRIVACY LAWS

This section describes state specific consumer rights afforded to residents of those states who have enacted comprehensive privacy laws (“State Privacy Laws”). Not all of the State Privacy Laws are effective as of the date of this Privacy Policy, and several do not apply to Certify Health; however, even where we are not subject to a particular State Privacy Law, we will endeavor to honor applicable privacy rights requests to the extent we are able under the circumstances, but this is a courtesy only and does not otherwise subject us to or make us liable under these laws, to the extent permitted. Any terms defined in the applicable State Privacy Laws that we use here have the same meaning as the applicable State Privacy Law.

Information We Collect

As more fully described above, we collect (and have collected within the last twelve (12) months) the following categories of personal information: 

  • Identifiers 
  • Commercial information 
  • Employment Information 
Disclosure of personal information to Third Parties and Other Recipients
Categories of personal information that May Be Sold, Shared, or Disclosed Categories of Third Parties to whom personal information May Be Sold, Shared, or Disclosed Business or Commercial Purpose of Selling, Sharing, or Disclosing personal information
Identifiers Affiliates, Subsidiaries
Vendors and Service Providers
Business Partners
Payment Providers
Provide the services
Communicate with you
Monitor the services
Market & Advertise the services, including via use of Targeted Advertising
Respond to Inquiries and Fulfill Requests
Improve the services
Support business operations
With your Consent
Commercial information Affiliates, Subsidiaries
Vendors and Service Providers
Payment Providers
Provide the services
Monitor the services
Respond to Inquiries and Fulfill Requests
Support business operations
With your Consent
Sales and Sharing of personal information; Use for Targeted Advertising

Certain state laws, including the California Consumer Privacy Act, define “sale” as disclosing or making available personal information to a third-party in exchange for monetary or other valuable consideration, and “sharing” or “targeted advertising” as disclosing or making available personal information to a third-party for purposes of cross-contextual behavioral advertising.

We do not sell and “share” or use for targeted advertising your personal information.

Your Privacy Rights and Choices

Residents of states with generally applicable privacy laws have the following rights regarding their personal information, subject to certain exceptions and qualifications under their respective state laws. 

  • Access and Data Portability. You have the right to request details about the personal information we have collected about you, such as whether we have collected personal information about you, the categories of sources, the purposes for which we have collected the personal information, the categories of recipients, and the specific pieces of personal information we have collected. You may also have the right to receive a copy of your personal information in a readily usable format. 
  • You may access or request access to the personal information in your Account at any time through the Certify Health platform or by sending a request to:  support@certify.me
  • If you terminate your use of the Services, or if Certify Health terminates your use to the Services, any request to access your personal information must be made within thirty (30) days of termination.  If you do not request such access within this time frame, or if your access to the Services is terminated due to your actual, attempted, threatened, or suspected violation of Certify Health’s Terms of Use, Certify Health will have no obligation to maintain such information, and such information may no longer be retrievable.  You may access the personal information in your Account through the platform or by sending a request to: support@certify.me
  • Correction. You may have the right to request we correct incorrect or inaccurate personal information, subject to restrictions regarding the determination of accuracy of the existing personal information. 
  • You may update the personal information in your Account at any time through the Certify Health platform or by sending a request to: support@certify.me. 
  • Deletion. You may have the right to request deletion of your data unless an exception applies. 
  • Opt-Out of Sale, Sharing, or Targeted Advertising. You have the right to opt-out of “sales” and “sharing” of your personal information, and to opt-out of the use of your personal information for “targeted advertising” as those terms are defined under applicable state privacy laws.  However, we do not “sell”, “share” or utilize targeted advertising.    
  • You have the right to opt-out of “sales” and “sharing” of your personal information or use for targeted advertising by using an opt-out preference signal. If the Website detects that your browser or device is transmitting an opt-out preference signal, such as the “global privacy control”—or GPC — signal, we will opt that browser or device out of the use of cookies or other tools on our site that result in a “sale” or “sharing” or use for targeted advertising of your personal information. If you come to the Website from a different device or from a different browser on the same device, or if you clear your cookies, you will need to opt-out again, or use an opt-out preference signal, for that browser and/or device as well. 

To learn more about the Global Privacy Control, please visit: https://globalprivacycontrol.org/#download 

  • Limit Use and Disclosure. We do not collect nor engage in uses of sensitive personal information that trigger a right to limit use and disclosure of sensitive personal information under applicable state privacy law. 
  • Opt-Out of Profiling with Legal or Significant Effects. You may have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects. However, we do not engage in such activities as described under applicable state privacy law, so there is no need to exercise this right. 
CONSUMER REQUESTS AND VERIFICATION

Right to Non-Discrimination 

We may not discriminate against you because you exercise any of your privacy rights contained in this Privacy Policy including, but not limited to: 

  • Denying goods or services to you; 
  • Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; 
  • Providing a different level or quality of goods or services to you; or 
  • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services. 

Verifying Requests 

You may request to exercise your rights of access, deletion, or correction by contacting us via Suite 305, 656 Quince Orchard Rd STE 300, Gaithersburg, MD 20878, United States . To help protect your privacy and maintain security, we will take steps to verify your identity before processing your request.  If you request access to or deletion of your personal information, we may require you to provide any of the following information: name, email address, telephone number, or postal address, and account information. When you make such a request, you can expect the following:  

  • As required under applicable law, we will verify your identity. You will need to provide us with your email address and full name.  We may ask for additional information if needed. 
  • We will confirm that you want your information accessed, corrected, and/or deleted. 
  • We will confirm our receipt of your request within 10 days. If you have not received a response within a few days after that, please let us know by contacting us at the Website or phone number listed below. 
  • We will respond to your request within 45 days upon receipt of your request. If necessary, we may need an additional period of time, up to another 45 days, but we will reply either way within the first 45-day period and, if we need an extension, we will explain why. 
  • In certain cases, a request for access, correction, or deletion may be denied. For example, if we cannot verify your identity, the law requires that we maintain the information, or if we need the information for internal purposes such as providing services or completing an order. If we deny your request, we will explain why we denied it and delete any other information that is not protected and subject to denial. 

Authorized Agents 

You may designate an authorized agent to request any of the above rights on your behalf. You may make such a designation by providing the agent with written permission, signed by you, to act on your behalf. Your agent may contact us as described in the Data Request section below to make a request on your behalf. Even if you choose to use an agent, we may, as permitted by law, require: 

  • The authorized agent to provide proof that you provided signed permission to the authorized agent to submit the request; 
  • You to verify your identity directly with us; or 
  • You to directly confirm with us that you provided the authorized agent permission to submit the request. 

Appeal Process 

If you have made a request to access, correct, or delete your personal information under a state privacy law with an appeal right, and we have declined to take action, you may appeal our decision within 45 days of the denial. When you make such an appeal, you can expect the following: 

  • We will verify your identity. You will need to provide us with your email address and full name.  We may ask for additional information if needed. 
  • We will review your appeal and respond in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decision, within 45 days upon receipt of your appeal. If necessary, we may need an additional period of time, up to another 45 days, but we will reply either way within the first 45-day period and, if we need an extension, we will explain why. 
  • In certain cases, an appeal may be denied. For example, if we cannot verify your identity, the law requires that we maintain the information, or if we need the information for internal purposes such as providing Services or completing an order. If we deny your appeal, we will explain why we denied it and provide you with a method to contact your state’s Attorney General to submit a complaint. 
BIOMETRIC INFORMATION SERVICES USERS

If you reside in Illinois, Texas, Washington, or another state with a biometric privacy laws and utilize our FaceCheck solution, Certify Health’s collection and use of your Biometric Information is on behalf of the healthcare provider utilizing such services and is subject to our Biometric Information Notice, incorporated herein by reference. When you use the Services, you will be asked to indicate that you agree to our collection, storage, and use of your Biometric Information in accordance with the terms of this Notice by clicking on a checkbox, by entering you name, or by similar means.  You agree that such indication of consent is your written release regarding our collection, storage, and use of your Biometric Information.   

INTERNATIONAL USERS

If you reside in the European Union or another jurisdiction that has adopted the EU’s General Data Protection Regulation (“GDPR”), Certify Health’s collection and use of your personal information is subject to the GDRP.  Certify Health’s obligations under the GDPR are set forth in the Certify Health’s GDPR Policy, which is incorporated by reference into this Privacy Policy. 

COMMUNICATIONS

Questions, complaints, and other communications regarding any aspect of this Privacy Policy should be addressed to Certify Health at info@certify.me. 

Questions, complaints, and other communications regarding any aspect of Certify Health’s GDPR Policy should be addressed to Certify Health as set forth in our GDPR Policy.