Superpower Health

Privacy Policy

Last Updated and Effective: 6.28.2024

Superpower Health, Inc. ("Superpower" "we," or "us") owns and operates the website (the "Website") located at superpower.com and other related websites and platforms and may own and/or operate a “Superpower” mobile application (collectively, the “Platform”). Your access and use of the Platform, any part thereof, or anything associated therewith, including its content ("Content"), any products or services provided through the Platform or otherwise by Superpower, and any affiliated website, software or application owned or operated by Superpower (collectively, including the Platform and the Content, the "Service") are subject to this Privacy Policy unless specifically stated otherwise. Capitalized terms not otherwise defined in this Privacy Policy have the same meaning as set forth in the Terms of Service ("Terms of Service").

We are committed to respecting the privacy of users of the Service. We created this Privacy Policy ("Privacy Policy") to tell you how Superpower collects, uses and discloses information in order to provide you with the Service.

By creating, registering, or logging into an account through the Service, or otherwise accessing or using the Service, you are acknowledging the most recent version of this Privacy Policy. If we make any changes to our Privacy Policy, we will post the revised Privacy Policy and update the "Last Updated" date of the Privacy Policy.

If you are using the Service on behalf of an individual other than yourself, you represent that you are authorized by such individual to act on such individual's behalf and that such individual acknowledges the practices and policies outlined in this Privacy Policy.

The Superpower Platform provides users with access to: 

  • Third-party phlebotomists to draw your blood (“Phlebotomists”), and third-party laboratory testing services so that you can request blood testing and other lab testing (e.g., breath, saliva, urine, and stool) to evaluate your health biomarkers (“Labs”), 
  • Superpower’s marketplace (powered by Shopify) to purchase health related products, 
  • Telehealth services provided by one or more third-party medical groups (“Medical Groups”) who can provide healthcare services to you through the Platform. These Medical Groups employ or contract with licensed physicians and allied health professionals (“Healthcare Providers”) who can consult with you through the Platform to interpret and review your Labs and provide recommendations for health optimization;
  • Following appropriate intake and review by a Healthcare Provider through the Platform, prescription ordering and prescription fulfillment services offered by several third-party pharmacies (the “Pharmacies”); 
  • other third-party providers of health and wellness services, including, without limitation, VO2 max testing, DEXA scans and full body MRI.
  • Additionally, you will be able to upload your past labs into the Superpower Data Vault as well as input information about your lifestyle, health, nutrition, your past laboratory data, and receive non-medical educational information regarding your health data. You can also choose to connect your wearable devices to upload your biometric data to the Platform.

This Privacy Policy applies to information we collect:

  • on our Platform;
  • in email, text, and other electronic messages between you and our Platform;
  • when you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Policy.

It does not apply to information collected by:

  • the Medical Groups, Healthcare Providers, Phlebotomists, Pharmacies, and Labs; 
  • Metriport or any similar system designed to helps digital health companies share, access and manage patient health and medical data, through an open-source and universal API.
  • any third party, including through any application or content that may link to or be accessible from or on the Platform.

Please read this Privacy Policy carefully. By accessing or using our Platform, you agree to this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Superpower Platform.

Children Under the Age of 18

Superpower does not knowingly collect or solicit any information from anyone under the age of 18 on its Platform. If we learn that we have inadvertently collected personal information from a child under age 18, we will delete that information as quickly as possible. If you believe that we might have any information from a child under 18, please contact us using the contact details set out at the end of this Privacy Policy. We encourage parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children.

Protected Health Information

When you set up an account with Superpower, you are creating a direct customer relationship with Superpower that enables you to access and/or utilize the various functions of the Platform and the Service as a user. As part of that relationship, you provide information to Superpower, including but not limited to, your name, email address, shipping address, phone number and certain transactional information, that we do not consider to be "protected health information" or "medical information".

However, in using certain components of the Service, you may also provide certain health or medical information that may be protected under applicable laws. Superpower is not a "covered entity" under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, and its related regulations and amendments from time to time (collectively, “HIPAA”). One or more of the Labs, Pharmacies or Medical Groups may or may not be a "covered entity" or "business associate" under HIPAA, and Superpower may in some cases be a "business associate" of a Lab, Pharmacy or Medical Group. It is important to note that HIPAA does not necessarily apply to an entity or person simply because there is health information involved, and HIPAA may not apply to your transactions or communications with Superpower, the Medical Groups, the Healthcare Providers, the Labs, or the Pharmacies. To the extent Superpower is deemed a "business associate" however, and solely in its role as a business associate, Superpower, may be subject to certain provisions of HIPAA with respect to "protected health information," as defined under HIPAA, that you provide to Superpower, the Labs, Pharmacies, Medical Groups or the Healthcare Providers ("PHI"). In addition, any medical or health information that you provide that is subject to specific protections under applicable state laws (collectively, with PHI, “Protected Information”), will be used and disclosed only in accordance with such applicable laws. However, any information that does not constitute Protected Information under applicable laws may be used or disclosed in any manner permitted under this Privacy Policy. Protected Information does not include information that has been de-identified in accordance with applicable laws.

The Medical Groups and Healthcare Providers have adopted a Medical Group Notice of Privacy Practices that describes how they use and disclose Protected Information. By accessing or using any part of the Service, you acknowledge receipt of the Medical Group Notice of Privacy Practices from the Medical Group and Healthcare Providers.

By accessing or using any part of the Service, you understand that even if HIPAA does apply to Superpower, the Medical Groups, the Healthcare Providers, the Labs, or the Pharmacies, any information that you submit to Superpower that is not intended and used solely for the provision of diagnosis and treatment by the Medical Group and Healthcare Providers, laboratory services by the Labs, or prescription fulfillment by the Pharmacies, is not considered Protected Information, and will only be subject to our Privacy Policy and any applicable state laws that govern the privacy and security of such information. For purposes of clarity, information you provide to Superpower in order to register and set up an account on the Platform, including name, username, email address, shipping address and phone number, are not considered Protected Information.

Collection of Personal Information

The personal data we collect depends on how you interact with us, the portions of the Service you use, and the choices you make.

We collect information about you from different sources and in various ways when you use our services, including information you provide directly, information collected automatically, information from third-party data sources, and data we infer or generate from other data.

Information you provide directly. 

We collect personal data you provide to us. For example:

  • Name and contact information, such as your name, email address, phone number, and billing and physical addresses.
  • Demographic data, such as your gender, date of birth, and zip code.
  • Third-party website, network, platform, server and/or application information (e.g., Facebook, Twitter, Instagram)
  • Payment information, such as your credit card number, financial account information, and other payment details.
  • Content and files, such as past lab data, photographs, videos, documents, and other files you upload to our Service. This includes email messages and other communications you send to us.
  • Sensitive personal information:some text
    • Account access information. We collect information such as a username or account number in combination with a password, security or access code, or other credential that allows access to an account.
    • Contents of communications. We collect the contents of communications that you make via our Service.
    • Health data. We collect and analyze information concerning your health.

Information we collect automatically.

When you use our services, we collect some information automatically. For example:

  • Identifiers and device information. When you visit our websites, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device’s operating system, browser, and other software including type, version, language, settings, and configuration. As further described in the “Cookies, Mobile IDs, and Similar Technologies” section below, our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
  • Geolocation data. Depending on your device and app settings, we collect geolocation data when you use our apps or online services. This information may include precise geolocation data, meaning data derived from a device and that is used to locate you within a certain radius, which is considered a type of sensitive personal information.
  • Usage data. We automatically log your activity on our websites, apps and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website. In some instances, such usage data may be sensitive personal information if it relates to browsing activity on health-specific sites.

Information we create or generate. We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.

Information we obtain from third-party sources. We also obtain the types of information described above from third parties. These third-party sources include, for example:

  • Third-party partners.  Third-party applications and services, including social networks you choose to connect with or interact with through our Services.
  • Co-branding/marketing partners.  Partners with which we offer co-branded services or engage in joint marketing activities.
  • Service providers.  Third parties that collect or provide data in connection with work they do on our behalf, for example companies that determine your device’s location based on its IP address.

When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.

Superpower provides management services to the Medical Groups, Labs and Pharmacies you may access through our Service. As a result, we may store additional health information on their behalf, including your medical record, communications with Healthcare Providers, lab results, and medical history.

Cookies, Mobile IDs, and Similar Technologies

We use cookies, web beacons, mobile analytics and advertising IDs, and similar technologies to operate our websites and online services and to help collect data, including usage data, identifiers, and device information.  

What are cookies and similar technologies?

Cookies are small text files placed by a website and stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server.

Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our email messages or newsletters to tell us if you open and act on them.

Mobile analytics and advertising IDs are generated by operating systems for mobile devices (iOS and Android) and can be accessed and used by apps in much the same way that websites access and use cookies. Our apps contain software that enables us and our third-party analytics and advertising partners to access these mobile IDs.

How do we and our partners use cookies and similar technologies?

We, and our analytics and advertising partners, use these technologies in our websites, apps, and online services to collect personal data (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our services, including personal data about your online activities over time and across different websites or online services. This data is used to store your preferences and settings, enable you to sign-in, analyze how our websites and apps perform, track your interaction with the site or app, develop inferences, deliver and tailor interest-based advertising, combat fraud, and fulfill other legitimate purposes. We and/or our partners also share the data we collect or infer with third parties for these purposes. For more information about the third-party analytics and advertising partners that collect personal information on our services, please see the “Our Disclosure of Personal Data” section of this statement.  

What controls are available?

There are a range of cookie and related controls available through browsers, mobile operating systems, and elsewhere. See the “Choice and Control of Personal Data” section below for details.  

Use of Information

We use the personal data we collect for purposes described in this Privacy Policy or as otherwise disclosed to you, subject to the limitations addressed in the Protected Health Information Section above. For example, we use personal data for the following purposes:

Purpose of Use

Categories of Personal Data

Product and Service delivery.

To provide and deliver our Service, including troubleshooting, facilitating your movement through the Service, confirming your location, improving, and personalizing those services, and assisting you with obtaining the services of third-party service providers.

Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information, geolocation data, usage data, inferences

Sensitive information:  account access information, contents of communications,, health data for collecting and analyzing.

Business operations.

To operate our business, such as billing, processing your payments, accounting, administering your account, improving our internal operations, securing our systems, detecting fraudulent or illegal activity, verifying your identity, and meeting our legal obligations. Additionally, to protect or enforce Superpower’s rights and properties.

Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information geolocation data, usage data, inferences

Sensitive information:  account access information, geolocation data, contents of communications, health data for collecting and analyzing.

Product improvement, development, and research.

To develop, test, or improve the Service and content, features and/or products or services offered via the Service. Additionally, to Identify or create new products or services. Lastly, to analyze traffic and user behavior or activity to and through Service

Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information, geolocation data, usage data, inferences

Sensitive information:  account access information, geolocation data, contents of communications, health data for collecting and analyzing

Personalization.

To understand you and your preferences to enhance your experience and enjoyment using our services.

Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information geolocation data, usage data, inferences

Sensitive information: account access information, geolocation data, demographic data, contents of communications, health data for collecting and analyzing.

Customer support.

To provide customer support, fulfill your requests, and respond to your questions. Additionally, to place and track orders for products or services on your behalf

Contact information, demographic data, payment information, content and files, identifiers and device information geolocation data, usage data, inferences

Sensitive information:  account access information, geolocation data, demographic data, contents of communications, health data for collecting and analyzing.

Communications.

To send you information about Superpower, the Labs, the Pharmacies, the Medical Groups, the Healthcare Providers, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages. Additionally, to communicate with you by letter, email, text, telephone, or other forms of communication, including on behalf of your Healthcare Provider(s), to facilitate telehealth Service

Contact information, demographic data, payment information, content and files, identifiers and device information geolocation data, usage data, inferences

Sensitive information: account access information, geolocation data, demographic data, contents of communications, health data for collecting and analyzing.

Marketing.

To communicate with you about new services, offers, promotions, rewards, upcoming events, and other information about our Services and those of our selected partners.

Contact information, demographic data, payment information, content and files, identifiers and device information geolocation data, usage data, inferences

Sensitive information: health data for collecting and analyzing

Advertising.

To promote and market Superpower, the Service, and the products and/or services offered via the Service

Contact information, demographic data, identifiers and device information, geolocation data, usage data, inferences

Sensitive information: health data for collecting and analyzing

Additionally, we may use your browsing and other activity on the Service to promote and market Superpower, the Service, and the products and/or services offered via the Service, as well as to measure our advertising and marketing efforts. Depending on your activity on the Service, this may include information related to you visiting health-related pages on the Service. In some states, we may be required to obtain your consent prior to using information that constitutes sensitive personal information. While we may use information about your browsing activity on health-related pages, we do not use Protected Information for advertising or marketing.

We may de-identify your information and use, create and sell such de-identified information or any business or other purpose not prohibited by applicable law.

Disclosure of Information

We disclose personal data with your consent or as we determine necessary to complete your transactions or provide the services you have requested or authorized. Subject to the limitations described in the Protected Health Information section above, we may disclose your information to third parties in connection with the provision of our Service or as otherwise permitted or required by law. For example, we may disclose your information to:

  • Service providers. We provide personal data to vendors or agents working on our behalf for the purposes described in this statement. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions.  
  • Financial services & payment processing. When you provide payment data, for example to make a purchase, we will disclose payment and transactional data to banks, payment processors, and other entities as necessary for payment processing, fraud prevention, credit risk reduction, analytics, or other related financial services.
  • Marketing/Ad Partners. We may provide personal data to marketing and advertising partners. For example, we may share identifying information with an advertising partner in order to deliver personalized advertising to you or for the purpose of delivering advertisements to other people with similar interests to you. This may include sensitive personal information such as health data to the extent it is not Protected Health Information. For example, if you view a webpage about biohacking or longevity, we may provide that information to an advertising partner who will then deliver advertisements to you on different websites based on your viewing activity.
  • Affiliates. We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access helps us to provide our services and operate our business.  
  • The Labs, Pharmacies, Medical Groups, or their Healthcare Providers. We facilitate information sharing between you and the Labs, Pharmacies, Medical Groups, and Healthcare Providers, as applicable, to enable them to provide services to you via the Service and to collect payment on their behalf.
  • Corporate transactions. We may disclose personal data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.  
  • Legal and law enforcement. We will access, disclose, and preserve personal data when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.  
  • Security, safety, and protecting rights. We will disclose personal data if we believe it is necessary to: some text
    • protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
    • operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or
    • protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.

Third party analytics and advertising companies also collect personal data through our website and apps including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data, as described in the “Cookies” section of this statement. These third-party vendors may combine this data across multiple sites to improve analytics for their own purpose and others. For example, we use Google Analytics on our website to help us understand how users interact with our website; you can learn how Google collects and uses information at www.google.com/policies/privacy/partners.

Other third-party analytics and advertising providers we use on our websites include, for example:

Some of the data disclosures to these third parties may be considered a “sale” or “sharing” of personal information as defined under the laws of California and other U.S. states.  Please see the “Choice and Control” and “California Privacy Rights” sections below for more details.  

Please note that some of our services also include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements.

Finally, we may disclose de-identified information in accordance with applicable law.

Electronic Communications: Communications by Text Message and Email

When you access or use the Platform and our Service or send emails or text messages to us, the Medical Group or their Healthcare Providers, you are communicating with us, the Medical Groups and their Healthcare Providers electronically and you consent to receive communications from us, the Medical Groups and their Healthcare Providers electronically. We will communicate with you via email or via SMS text message. 

By choosing to use the Superpower Platform and its Services, you are opting-in to send and receive text (SMS) messages to and from Superpower, the Medical Groups and their Healthcare Providers (an “SMS Enrollment”), and you consent to receiving text messages regarding your Superpower account, use of the Platform, the Services and your Protected Information. These text messages may include appointment reminders, discussions form your Healthcare Provider pertaining to medical services rendered, lab test results, order confirmations, shipping notifications, and other messages from your Healthcare Provider, and other transactional messages, as well as promotional and marketing notifications from Superpower. Superpower uses an encrypted text messaging system (encrypted on the Superpower side), but it is not HIPAA compliant and is not secure on your end. 

With your SMS Enrollment, you represent and understand that: (1) you are the owner or authorized user of the mobile device you used in order to initiate the SMS Enrollment, (2) you are authorized to approve any applicable charges in connection with the text messages you send to and receive from Superpower or the Healthcare Providers, (3) you will be responsible for all messaging and other data charges that may apply for any text messages sent between you and Superpower or the Healthcare Providers, and (4) neither Superpower, the Medical Groups, the Healthcare Providers, nor your or Superpower’s mobile carriers or service providers, will be liable for delayed or undelivered messages.

Note that access to many of the Services, including medical services, on the Platform is conditioned upon your consent to receive text messages related to your Superpower account and Protected Information as noted above, but it is not conditioned upon your consent to marketing or promotional text messages from Superpower, and you can opt-out of any of Superpower’s SMS services at any time by texting “STOP” to the message received, from the mobile device that is subscribed to receive the SMS messages. After you send the text message “STOP” to us, we may send you one final text message to confirm that you have been unsubscribed. If you have opted-in to receive more than one type of text message from Superpower, you will need to opt-out of each Superpower SMS service to which you are subscribed. Until you have done so, you may continue to receive the types of text messages from Superpower that you have opted-in to receive but have not unsubscribed from.

You also understand that while Superpower takes your privacy and the security of your health and other sensitive information very seriously, the transmission of information over the internet and mobile networks is not 100% secure. Text messages may be encrypted on the Superpower side only, and emails that you send to or receive from Superpower are not encrypted, which means that it is possible they may be intercepted by third parties. If you choose to send or receive information about your health or any other sensitive information by text message or email, you do so at your own risk. By initiating an SMS Enrollment, you consent to sending text messages to Superpower and the Healthcare Providers, and receiving text messages from Superpower and the Healthcare Providers, that are not fully encrypted. Likewise, by providing your email address on our Platform with or without creating an account, you consent to receiving unencrypted emails messages from Superpower.

If you are experiencing any issues with Superpower’s text messaging or email services, or if you have any concerns about sending or receiving any sensitive information through text or email, please contact us directly at compliance@superpower.com. If you have questions specific to your text or data plan, please contact your wireless provider.

Choice and control of personal data

We provide a variety of ways for you to control the personal data we hold about you, including choices about how we use that data. In some jurisdictions, these controls and choices may be enforceable as rights under applicable law.

If you wish to access, copy, download, correct, or delete personal data about you that we hold, please contact: compliance@superpower.com.

You can choose whether to receive promotional communications from us by email or SMS. If you receive promotional email or SMS messages from us and would like to stop, you can do so by following the directions in that message or by contacting us as described in the “Contact Us” section below. These choices do not apply to certain informational communications including surveys and mandatory service communications.

There are certain browser and platform controls that may be available to you in order to opt-out from or otherwise control targeted advertising as described below. You can use the opt-out controls offered by the organizations our advertising partners may participate in, which you can access at:

You can use the other cookie or mobile ID controls described below.

These choices are specific to the device or browser you are using. If you access our Services from other devices or browsers, you will need to take these actions from those systems to set applicable controls for those systems.

Browser or platform controls.

Cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.

Global Privacy Control. Some browsers and browser extensions support privacy controls that can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data sales and/or targeted advertising, as specified by applicable law. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a privacy setting or similar control that is recognized by regulation or otherwise widely acknowledged as a valid opt-out preference signal.

Do Not Track. Some browsers include a "Do Not Track" (DNT) setting that can send a signal to the websites you visit indicating you do not wish to be tracked. Unlike the privacy control described above, there is not a common understanding of how to interpret the DNT signal; therefore, our websites do not respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the privacy controls, cookie controls, and advertising controls described above.

Mobile advertising ID controls. iOS and Android operating systems provide options to limit tracking and/or reset the advertising IDs.

Email web beacons. Most email clients have settings that allow you to prevent the automatic downloading of images, including web beacons, which prevents the automatic connection to the web servers that host those images.

Except for the automated controls described above, if you send us a request to exercise your rights or these choices, to the extent permitted by applicable law, we may decline requests in certain cases. For example, we may decline requests where granting the request would be prohibited by law, could adversely affect the privacy or other rights of another person, would reveal a trade secret or other confidential information, or would interfere with a legal or business obligation that requires retention or use of the data. Further, we may decline a request where we are unable to authenticate you as the person to whom the data relates, the request is unreasonable or excessive, or where otherwise permitted by applicable law.

Finally, please note that this Privacy Policy applies only to your “personal information,” which is separate from “medical information” or “protected health information.” To understand our information practices and your rights with respect to such information, visit the Medical Groups Notice of Privacy Practices.

Data Retention

Superpower may retain your information for as long as it believes necessary; as long as necessary to comply with its legal obligations, resolve disputes, and/or enforce its agreements; and/or as long as needed to provide you with the products and/or services of the Service or Superpower. Superpower may dispose of or delete any such information at any time except as set forth in any other agreement or document executed by Superpower or as required by law.

Similarly, the Medical Groups, Healthcare Providers, Pharmacies, and Labs may retain your information for as long as they believe necessary; as long as necessary to comply with their respective legal obligations, resolve disputes and/or enforce its agreements; and/or as long as needed to provide you with their products and/or services. The Medical Groups, Healthcare Providers, Pharmacies, and Labs may dispose of or delete any such information at any time except as set forth in any other agreement or document executed by such parties or as required by law.

Other third parties with whom we share your information have their own policies and procedures with respect to how long they may retain your information and how and when they dispose of or delete your information.

Transactions

In connection with any transaction that you conduct through the Service (e.g., the purchase or sale of any products or services on or through the Service), you may be asked to supply certain information relevant to the transaction, including, without limitation, your credit card number and expiration date, your billing address, your shipping address, your phone number and/or your email address. By submitting such information, you grant Superpower without charge the irrevocable, unencumbered, universe-wide and perpetual right to provide such information to third parties (e.g., payment processing companies, buyers on the Service, sellers on the Service) for the purpose of facilitating the transaction.

All credit card, debit card and other monetary transactions on or through the Service occur through an online payment processing application(s) accessible through the Service. The online payment processing application for the Platform, except the Superpower Marketplace powered by Shopify, is provided by Superpower' third-party online payment processing vendor, Stripe ("Stripe"). Additional information about Stripe, its privacy policy and its information security measures (collectively, the “Stripe Policies") should be available on the Stripe website located at https://stripe.com/us/privacy or by contacting Stipe directly. Reference is made to the Stripe Policies for informational purposes only and are in no way incorporated into or made a part of this Privacy Policy. Superpower' relationship with Stripe, if any, is merely contractual in nature, as Stripe nothing more than a third-party vendor to Superpower, and is in no way subject to Superpower' direction or control; thus, their relationship is not, and should not be construed as, one of fiduciaries, franchisors-franchisees, agents-principals, employers-employees, partners, joint venturers or the like.

Superpower Marketplace Powered by Shopify

Superpower users will be able to buy health related products including dietary supplements in the Superpower Marketplace that will be powered by Shopify. When using the Superpower Marketplace powered by Shopify, you are also subject to Shopify's privacy policy and terms which can be found at the following links: https://www.shopify.com/legal/privacy and https://www.shopify.com/legal/terms.  You will have the ability to buy one time or set up recurring subscriptions for products through the marketplace. 

Jurisdictional Issues

The Service may only be used within certain states within the United States as described in our Terms of Service. Accordingly, this Privacy Policy, and our collection, use, and disclosure of your information, is governed by U.S. law.

California Residents

If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (CCPA), you have certain rights with respect to that information.  

Notice at Collection. At or before the time of collection, you have a right to receive notice of our practices, including the categories of personal information and sensitive personal information to be collected, the purposes for which such information is collected or used, whether such information is sold or shared, and how long such information is retained. You can find those details in this Privacy Policy.

Right to Know. You have a right to request that we disclose to you the personal information we have collected about you.  You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information.  Note that we have provided much of this information in this Privacy Policy. You may make such a “request to know” by emailing us at compliance@superpower.com.

Rights to Request Correction or Deletion. You also have rights to request that we correct inaccurate personal information and that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to correct or delete, email us at compliance@superpower.com.

Right to Opt-Out / “Do Not Sell or Share My Personal Information”. You have a right to opt-out from future “sales” or “sharing” of personal information as those terms are defined by the CCPA.

Note that the CCPA defines “sell,” “share,” and “personal information” very broadly, and some of our data sharing described in this privacy statement may be considered a “sale” or “sharing” under those definitions. In particular, we let advertising and analytics providers collect identifiers (IP addresses, cookie IDs, and mobile IDs), activity data (browsing, clicks, app usage), device data, and geolocation data through our sites and apps when you use our online services, but do not “sell” or “share” any other types of personal information. If you do not wish for us or our partners to “sell” or “share” personal information relating to your visits to our sites for advertising purposes, you can make your request by emailing compliance@superpower.com. If you opt-out using these choices, we will not share or make available such personal information in ways that are considered a “sale” or “sharing” under the CCPA.  However, we will continue to make available to our partners (acting as our service providers) some personal information to help us perform advertising-related functions. Further, using these choices will not opt you out of the use of previously “sold” or “shared” personal information or stop all interest-based advertising.

We do not knowingly sell or share the personal information of minors under 18 years of age.

Right to Limit Use and Disclosure of Sensitive Personal Information. You have a right to limit our use of sensitive personal information for any purposes other than to provide the services or goods you request or as otherwise permitted by law.

You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.

Further, to provide, correct, or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to send it from the email address associated with your account or requiring you to provide information necessary to verify your account.

Finally, you have a right to not be discriminated against for exercising these rights set out in the CCPA.

Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes.  

Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law.

Miscellaneous

We strive to use reasonable physical, technical and administrative measures to protect information under our control. However, you must keep your Account password secure and your Account confidential, and you are responsible for any and all use of your Account. If you have reason to believe that the security of your Account has been compromised, please notify us immediately in accordance with the "Contacting Us" section below.

When using the Service, you may choose not to provide us with certain information, but this may limit the features you are able to use or may prevent you from using the Service all together. You may also choose to opt out of receiving certain communications (e.g., newsletters, promotions) by emailing us your preference. Please note that even if you opt out, we may still send you Service-related communications. We do not currently respond to web browser "do not track" signals or other mechanisms that provide a method to opt out of the collection of information across the networks of websites and online services in which we participate. If we do so in the future, we will describe how we do so in this Privacy Policy. Superpower may supplement, amend, or otherwise modify this Privacy Policy at any time. Such supplements, amendments and other modifications will be posted on this or a similar page of the Service, and shall be deemed effective as of the "Last Updated" date; provided, however, that Superpower will notify you and/or require you to accept the updated Privacy Policy if the supplemented, amended or otherwise modified Privacy Policy implements material changes from Superpower' then-current Privacy Policy. It is your responsibility to carefully review this Privacy Policy each time you visit, access or use the Service.

Contacting Us

If you have any questions about this Privacy Policy, please contact us by email at compliance@superpower.com or by regular mail at:

Superpower Health, Inc.
Attn: Privacy Officer
11209 National Blvd
Unit #1016
Los Angeles, CA 90064