Privacy Statement

Effective Date: January 1, 2021

(If you are a CA resident, this statement includes your California Privacy Rights)

Welcome to the Active&Fit DirectTM program which is a fitness and health education program (the “Active&Fit Direct Program” or “Program”).The Active&Fit Direct Program and the Active&Fit Direct website (the “Active&Fit Direct Website” or “Website”) are owned and operated by American Specialty Health Fitness, Inc. (ASH Fitness), a subsidiary of American Specialty Health Incorporated (“ASH”), a Delaware corporation with a mailing address of 10221 Wateridge Circle, San Diego, CA 92121, on behalf of itself and its subsidiaries. The Active&Fit Direct Healthy Living Program as part of the Active&Fit Direct program are managed by ASH affiliate, American Specialty Health Management, Inc. (“ASH Management”). The provisions of this Privacy Statement apply to these companies to the extent they support the Active&Fit Direct program. The terms “ASH” or “we” in this Privacy Statement refer collectively to these companies.

ASH values its users (“you”) and respects your privacy. We are committed to using your information responsibly. The information you provide to us through the Active&Fit Direct Program or on the Active&Fit Direct Website is governed by this Privacy Statement. This Privacy Statement informs users about the Active&Fit Direct information practices, including: what personal information we collect through the Active&Fit Direct Program and on the Active&Fit Direct Website; how the personal information is collected; how the personal information will be used; and the choices you have about the collection and use of personal information.

This Privacy Statement, together with the Terms and Conditions govern your participation in the Active&Fit Direct Program and your use of the Active&Fit Direct Website. By using the Active&Fit Direct Website, or otherwise participating in the Active&Fit Direct Program, you accept and agree to be bound by this Privacy Statement and the Terms and Conditions.

You should read and familiarize yourself with this Privacy Statement and with ActiveandFitDirect.com Terms and Conditions. By using ActiveandFitDirect.com, you acknowledge and consent to our collection, processing and use of your information as described in this Privacy Statement. For any questions about this Privacy Statement, please contact us directly through any means noted at the end of this Privacy Statement. If information practices change, ActiveandFitDirect.com will post the revised policy on ActiveandFitDirect.com and/or will notify users through direct communication.

Information Collected by Active&Fit Direct

We do not knowingly or intentionally collect what is commonly referred to as ‘sensitive personal information’. Sensitive personal information is information related to reproductive health, sexually transmitted diseases, substance use disorder, gender dysphoria, gender affirming care, domestic violence, and mental health. Please do not submit sensitive personal information to us.

How we obtain information about you:

  • when you provide it to us (e.g. by contacting us through our Contact Us, through our chat, when you call us, when registering or enrolling for the services)
  • from your use of our website, using cookies, and
  • occasionally, from our service providers.
     This chart is a reference guide on how the Active&Fit Direct program collects, uses, and shares your information. This is only a summary. You should review the full privacy statement below for more detail. If you are a California resident or an international user, the full privacy statement below contains important information related to your privacy rights.  
 Categories of Personal InformationSource of CollectionHow do we use?How do we share?
Program Administration:

 

Website Registration
Program Enrollment & Administration
Guest Pass Requests
Fitness Center/ Active Options Activation & Access

Identifiers

First and last name,
Email address,
Username and password,
Security question and answer
Fitness ID

Personal Information:
Phone number (optional)
Mailing address

Protected Class Information:
Date of Birth
Gender (optional)

Provided by you. 

To perform services such as maintain and service your account, provide customer service, process transactions, verify customer information, and advertising and marketing of affiliate products available to you through ASH as part of your Sponsoring Organization’s plan.

To perform auditing, detecting security incidents, debugging programs, internal research and tech development, quality assurance, and product improvement.

With contracted Fitness Centers and/or Active Options providers (hereinafter “Fitness Providers”) for eligibility, reimbursement, and utilization reporting. Additional information shared may include Fitness ID, program name, and effective date/termination date.

We may share email, first name, and last name with service providers who support email communications.

Fitness Providers may share utilization data with Us for benefit administration purposes.

Digital Workout/Live Fitness Class StreamingIdentifiers:
IP Address, Device ID,
Profile name (if you comment or interact with Active&Fit Direct or Streaming Service Providers)
Provided by you to Streaming Service Provider when you activate or stream a digital workout or live fitness class.

To perform services such as maintain and service your account, provide customer service, process transactions, track utilization, and verify customer information.

Facilitate access to, and viewing of, streamed materials made available through the program but hosted on, or streamed through, the Streaming Service Provider’s platform.

With Streaming Service Provider for digital workouts. The Provider and ASH share general utilization data for administrative purposes such as processing reimbursement by ASH to the Provider.

Your use of the third-party website (Facebook, Youtube, etc.) to view publicly available live classes is governed by its own Privacy Policy and Terms & Conditions. If you comment on a workout video, your comment may be publicly viewable and ASH may receive your profile name, in order to reply to your comment.

Connected!™
Feature

Identifiers: Device ID

Personal Information:
Your fitness device activity information (e.g. steps, exercise duration, etc.)

When you agree to participate in the Connected! feature, you authorize your device to share your activity information with an activity aggregator, who forwards the activity information to Us to include in your account. 

To perform services related to recording your activity, such as steps taken in a day, and tracking your progress over time.

To perform auditing, detecting security incidents, debugging programs, internal research and tech development, quality assurance, and product improvement.

ASH does not share outside of our organization.
Active&Fit Direct Healthy Living Telephonic CoachingIdentifier:

First and last name,
E-mail address

Personal Information:
Phone number,
Mailing address,
Sponsoring Organization name, Video and/or audio recording of coaching session, Healthy Living Coaching Enrollment Information (e.g. information related to wellness goals,
Height, Weight, general health information to ensure coaching program is appropriate for you)

Protected Class Information:
Date of Birth
Gender

 

Provided by you.

Healthy Living Coaching Information is provided by you to ASH Fitness’ affiliate, American Specialty Health Management, Inc. (ASH Management). ASH Management provides the coaching services. 

To perform services such as maintain and service your account, provide customer service, process transactions, verify customer information, and advertising and marketing of affiliate products available to you through ASH as part of your Sponsoring Organization’s plan.

 

ASH Management provides the coaching services with administrative support provided by ASH Fitness. Any Healthy Living Coaching Information noted herein is retained by ASH Management. ASH Fitness and ASH Management will share individually identifiable information (e.g., Identifiers, Personal Information, Protected Class Information) for administration of the coaching feature and to address any complaints.

ASH Management may also provide individually identifiable information to ASH Fitness about Active&Fit Direct member participation in the program, but information is limited to your participation and does not include any information obtained in coaching sessions. ASH Fitness may in turn share aggregate participation information with your Sponsoring Organization.

SurveysIdentifiers: 

First and last name,
Email address

Personal Information:
Mailing address

Provided by ASH to our Survey Service Provider. To gather customer feedback to perform services related to internal research and tech development, quality assurance, and product improvement.

With Survey Service Provider for administering the survey.

We may share aggregate results of the survey with Sponsoring Organizations, existing and potential clients and the public.

Contact UsIdentifier:

First and last name
E-mail address

Personal Information:
Phone number,
Sponsoring Organization,
General inquiry details

Provided by you. To verify your information and to perform services addressing your questions, suggestions and complaints.

We share the information outside of ASH as necessary to resolve your inquiry or concern when resolution requires third-party action including with your Sponsoring Organization.

We share information with our chat Service Provider for auditing, detecting security incidents, debugging programs, internal research and tech development, and quality assurance and product improvement.

Payment ProcessingWe do not collect your credit card information or maintain it on our systems. If you choose to enroll in the Active&Fit Direct Program, you will be asked to provide your credit card information to process any fees incurred by you as part of the program, including but not limited to, your enrollment fee and recurring monthly fee. We use a PCI-compliant third-party payment processor to collect and process your credit card information. Active&Fit Direct does not directly collect or maintain your credit card information.
Additional Sharing

For legal purposes, including: as reasonably necessary to comply with law or legal process (including a court or government order or subpoena); to detect, prevent, or otherwise address fraud, security or technical issues; to enforce this Privacy Statement or the Terms & Conditions for the Active&Fit Direct program and the use of this Website; and as reasonably necessary to protect the rights, property or safety of ASH, ASH users, and/or the public.

During a corporate reorganization: If ASH is involved in a merger, acquisition, financing, or sale of business or assets, information collected from and about users may be transferred to one or more third parties involved in such transaction and, upon such transfer, the relevant third-party privacy policy or policies may govern further use of the information. In the event of such a change, ASH will endeavor to notify our users of the change as well as any choices our users may have regarding the change.

Aggregate information: In addition, ASH may provide service providers, reputable third-party vendors and Sponsoring Organizations with aggregate statistics regarding user participation, Active&Fit Direct Website traffic patterns and related Usage Information. The information so provided will not include individually identifiable information, meaning we will not share your Personal Information when sharing aggregate information.

Cookies, Website Analytics, and Interest Based AdvertisingInternet or Electronic Activity Information:
Web server logs,
Cookies,
Web beacons, and
Website browsing activity
Aggregated information provided by Google Analytics. 

To perform auditing, detecting security incidents, debugging programs, internal research and tech development, quality assurance, and product improvement.

To perform services related to advertising and marketing of affiliate products available to you through ASH as part of your Sponsoring Organization’s plan.

We do not share the information that Google Analytics provides to us with any third parties. 

Your Active&Fit Direct Program may include access to other ASH products and programs, such as but not limited to, the Connected!, ExerciseRewards and Active&Fit Direct Healthy Living features. These products and programs have separate Terms and Conditions and Privacy Statements and may be provided by affiliates of ASH Fitness. You should review and accept their respective Terms and Conditions and Privacy Statements before you use them.

If you consent to your information being used to access one of our affiliate products, such as the Exercise Rewards Program, the use of your information is governed by the Privacy Statement of the affiliate product.

f you choose not to provide your Personal Information, certain features of the Active&Fit Direct Program and Active&Fit Direct Website will not be available to you.

Additional Detail Regarding Uses

Program Administration: Website Registration, Program Enrollment & Administration, Guest Pass Requests, Fitness Center/Active Options Activation & Access: The Active&Fit Direct Program registration requires Identifiers such as first and last name, date of birth, gender (optional), mailing address, phone number (optional) and e-mail address. We also require a username and password to enter the password-protected area of the Active&Fit Direct Website and a security question and answer to help recover your user name and/or password We may share your email, first name, and last name with service providers who support email communications.

If you request a guest pass letter, you will be required to register for the site. We may follow up with you on your guest pass experience at the contact information you provide.

Digital Workout/Live Fitness Class Streaming

  • Digital Workouts. For some digital workouts, ASH embeds the Streaming Service Provider’s video platform directly onto the Active&Fit Direct website. For such content, when you view the content, the Streaming Service Provider and ASH will receive analytic information such as IP address, Device ID, and videos participants have selected to watch, and timestamp when watched. The provider and ASH will use this information to receive data about the content being accessed and to process payment by ASH to the Streaming Service Provider. In addition, ASH will pair the information with Fitness ID for program administration purposes.
  • Viewing live workouts. If you click on the Active&Fit Direct live workout links hosted on Facebook and Youtube, you will be redirected to those third-party websites to view the workout. Your use of the third-party website (Facebook,Youtube, etc.) is governed by its own Privacy Policy and Terms & Conditions. If you comment on a workout video, your comment may be publicly viewable and ASH may receive your profile name, in order to reply to your comment.
  • Joining Connected!TM: If you use the Active&Fit Direct Connected! feature, you allow us to record your activity related information, such as steps taken in a day, through your eligible enabled activity/fitness device or equipment (a “Fitness Device”). When you use this feature, your activity information will be transmitted from your Fitness Device by the Fitness Device manufacturer to a third-party data aggregator that we use to facilitate the Active&Fit Direct Connected! feature. After receiving the information from the aggregator, we upload the information into your member profile/account on Active&Fit Direct Website. By using the Active&Fit Direct Connected! feature, you allow us to receive this information from your Fitness Device.
  • Searching for and selecting an Active&Fit Direct Fitness Provider: We may collect and use your address to help locate Active&Fit Direct fitness providers near you. We may also receive utilization reports containing dates of visits from any Active&Fit Direct fitness provider that you have accessed through your enrollment in the program.
  • If you participate in Active&Fit Direct Healthy Living Telephonic Coaching, ASH will collect your first and last name, date of birth, gender, e-mail address, phone number, mailing address, and Sponsoring Organization name. The coaching is provided through ASH Fitness affiliate ASH Management. ASH Management shares individually-identifiable participation information with ASH Fitness. The two affiliates may share your Identifiers and related Personal Information and Protected Class Information to perform services such as to maintain and service your account, provide customer service, process transactions, and verify customer information. ASH Management does not share coaching records or information obtained in a coaching session with ASH Fitness. ASH Fitness may share aggregate participation information with your Sponsoring Organization. ASH Fitness may also exchange individually identifiable information with your Sponsoring Organization as necessary to resolve customer service issues that you may have involving your program.
  • Surveys. A portion of members are randomly selected for participation in surveys. If you are selected, your name, email address and mailing address will be forwarded to our Survey Service Provider for administration of the survey. If you receive a survey, your participation is optional. ASH may share non-individually identifiable aggregate survey results with your Sponsoring Organization.
  • Contacting us: When you contact us through the Active&Fit Direct Website, via email, telephone or other means, we may collect your name, phone, address, e-mail address, sponsoring organization, inquiry type, and comment. We may share with your Sponsoring Organization to resolve any inquiry that require third-party action.

Cookies and other similar technologies

We use cookies and other similar technologies on the Active&Fit Direct Website to help us remember who you are, to enhance and personalize your experience, to understand and save your preferences for future visits, to compile group information about our users, and to carry out other tasks relating to the operation or improvement of the Active&Fit Direct Website.

  • Cookies: We use cookies and other similar technologies on the Active&Fit Direct Website to help us remember who you are, to enhance and personalize your experience, to understand and save your preferences for future visits, to compile group information about our users, and to carry out other tasks relating to the operation or improvement of the Active&Fit Direct Website.
    • Cookies are small text files that are placed on your hard disk by a webpage server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you. Most web browsers are initially set to accept cookies, but you can change your browser settings to notify you when you are sent a cookie, giving you the ability to accept or reject it, or you can choose to routinely and manually delete cookies stored on your computer or mobile device. Each time you revisit the Active&Fit Direct Website, your ability to restrict our use of cookies on that service is subject to your browser settings and limitations at the time. Please note that if you choose to disable or reject cookies from the Active&Fit Direct Website, some portions and features of the Active&Fit Direct Website may become inaccessible or may not function properly.
  • Web Beacons: We use web beacons, which can be included in web pages or in emails for reporting and analytic purposes, such as counting users who have visited a web page and/or tracking usage patterns. We do not gather personal information of any kind via this activity. Web beacons cannot be declined when delivered via a regular web page. However, web beacons can be refused when delivered via email. If you do not wish to receive web beacons via email, refuse HTML (select Text only) emails via your email.
  • Web server log information: We collect and store server logs to ensure network and IT security and so that the server and website remain uncompromised. This includes analyzing log files to help identify and prevent unauthorized access to our network, the distribution of malicious code, denial of services attacks and other cyber-attacks, by detecting unusual or suspicious activity.
    • We also use server logs to troubleshoot application issues that would impact Active&Fit Direct users experience. This could happen when a certain feature (for example login or subscription) isn’t working as expected or when the performance of the website is degraded.
    • Unless we are investigating user-impacting issues, suspicious or potential criminal activity, we do not make, nor do we allow our hosting provider to make, any attempt to identify you from the information collected via server logs.
  • Interest-Based Advertising: We may also work with a variety of advertisers, third-party websites/applications, and analytics companies that use these technologies to collect data about your use of the Active&Fit Direct Website so that we can deliver ads to you based on your interests and online activities. This information does not identify you or give us access to your computer or mobile device. For more information about online advertising or to choose not to see interest-based ads, please visit http://www.aboutads.info/choices. Keep in mind that if you choose not to see online interest-based ads, you’ll still see ads, but they may not be as relevant to you.
  • Google Analytics: Google Analytics to collect information to improve the Website, such as how often users visit the Website, what pages they visit when they do so, and what other websites they used prior to visiting the Active&Fit Direct Website. Google Analytics places a cookie on your web browser so that it can identify you the next time you visit the Website, and the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to the Website is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. If you don’t want Google Analytics to be used in your browser, you can install the Google Analytics opt-out browser add-on which is available at https://tools.google.com/dlpage/gaoptout

DO NOT TRACK: Some web browsers incorporate a "do-not-track" (“DNT”) or similar feature that signals to websites that a visitor does not want to have his/her online activity tracked. If a website receives a DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, we (along with many other website operators) do not currently respond to DNT signals. For more information about DNT signals, visit www.allaboutdnt.com.

How Active&Fit Direct uses personal information

We use personal information collected through the Active&Fit Direct program to enable users to access and use the Active&Fit Direct program tools and features. For example:

  • If you register on the Active&Fit Direct Website, we will use your registration information to set up, administer, service, and communicate with you regarding your account. Registration on the Active&Fit Direct Website is required for users to participate in the program and to gain access to special tools and features of the Active&Fit Direct program. When information is submitted while registering/enrolling with the Active&Fit Direct Website the information can only be seen in a secure location in the My Programs section and a unique User ID is created to coincide with the registration/enrollment information.
  • If you use the Connected! feature of the Active&Fit Direct Website, we will record your fitness provider visit and exercise and your other independent activity information over time and will use such recorded information for utilization purposes. If you enter your gender, birth year, weight, and height into your device that is shared with your Connected! Profile, we may use this information to calculate and display your calorie metrics based on activity reported through your Connected!-enabled device.
  • On-Demand Digital Workout Classes. ASH embeds Service Providers’ video platform directly onto the Active&Fit Direct website. For such content, when you view the content, the Streaming Service Provider and ASH will receive analytic information such as IP address, Device ID, and videos participants have selected to watch, and timestamp when watched. The provider and ASH will use this information to receive data about the content being accessed and process payment by ASH to the Streaming Service Provider. In addition, ASH will pair the information with Fitness ID for program administration purposes.
  • Healthy Living Coaching, ASH Fitness affiliate, ASH Management uses the personal information you provide during coaching to provide you with the coaching services and to track your progress with your wellness goals. ASH Management records video and audio coaching sessions for quality assurance and training purposes. The two affiliates may share your Identifiers and related Personal Information and Protected Class Information to perform services such as to maintain and service your account, provide customer service, process transactions, and verify customer information. ASH Management may also provide information to ASH Fitness about Active&Fit Direct member participation in the coaching program. ASH Fitness may in turn share aggregate information with your Sponsoring Organization. ASH Fitness may also exchange individually identifiable information with your Sponsoring Organization as necessary to resolve customer service issues that you may have involving your program. This information is not maintained on the Active&Fit Direct Website.
  • If you enroll with a Fitness Provider, we will use your information to process your enrollment., along with a Fitness ID we assign to your account, with Fitness Providers to confirm your eligibility for services, to reimburse Fitness Providers and for reporting utilization of the Fitness Providers services. Additional information shared with Fitness Providers for these purposes may include your Sponsoring Organization’s program name, your effective date/termination date with Active&Fit Direct, and the fitness provider location and date of your visit or use of the location.
  • If you participate in a Survey, ASH will use your information and responses to improve our program and to share program aggregate feedback with your Sponsoring Organization, our existing and potential clients, and the public.
  • Email: We use a Service Provider to store emails you send us. We also use our Service Providers to send follow-up emails to the address you provide. Transmission of information over the internet is not entirely secure, and if you submit any information to us over the internet (whether by email, via our website or any other means), you do so entirely at your own risk.
  • If you Contact Us, we will use your information to process and respond to your inquiries and requests. If you contact us by phone, we may record you phone calls for quality and training purposes.

Sharing with Third Parties

ASH may share your Personal Information with third parties in the following circumstances:

With Sponsoring Organizations: You have access to Active&Fit Direct through a program made available to your Sponsoring Organization. Your Sponsoring Organization, is the entity who is offering the Active&Fit Direct program to its eligible population. We may provide Aggregate Information to the Sponsoring Organization.

With Service Providers: To facilitate services under the Program and to support the operation and maintenance of the Active&Fit Direct. Our service providers include:

  • Telephone Providers
  • Email Providers
  • Mailing List Providers
  • Payment Processing
  • Activity Aggregator
  • Cloud Provider
  • Chat Provider
  • Analytic Provider
  • Fitness Providers
  • Fitness Class Streaming
  • Healthy Living Coaching

For legal purposes, including: as reasonably necessary to comply with law or legal process (including a court or government order or subpoena); to detect, prevent, or otherwise address fraud, security or technical issues; to enforce this Privacy Statement or the Terms & Conditions for the Active&Fit Direct program and the use of this Website; and as reasonably necessary to protect the rights, property or safety of ASH, ASH users, and/or the public.

During a corporate reorganization: If ASH is involved in a merger, acquisition, financing, or sale of business or assets, information collected from and about users may be transferred to one or more third parties involved in such transaction and, upon such transfer, the relevant third-party privacy policy or policies may govern further use of the information. In the event of such a change, ASH will endeavor to notify our users of the change as well as any choices our users may have regarding the change. In addition, ASH may provide reputable third-party vendors and sponsoring organizations with aggregate statistics regarding user participation, Active&Fit Direct Website traffic patterns and related Usage Information. The information so provided will not include individually identifiable information, meaning we will not share your Personal Information with these third-party vendors.

Disabling and Deleting User Accounts and Information

Except as expressly otherwise stated in this Privacy Statement, and except where applicable law provides otherwise, personal information collected on the Active&Fit Direct Website, or through the Active&Fit Direct Program generally, cannot be deleted or removed from ASH’s database and will be retained in accordance with ASH’s record retention policy. User accounts, however, may be disabled upon written request, using the contact information at the end of this Privacy Statement.

ASH retains your data for ten years. ASH may also retain your data as long as required by any legal obligations. California Residents see below.

Opt-out of Communications received from Active&Fit Direct

If you have provided your email address, postal address, and/or telephone number to ASH Fitness, you may opt out of receiving marketing/promotional communications about affiliate programs that may be available to you from ASH Fitness by contacting ASH Fitness as described at the end of this Privacy Statement. To stop receiving marketing/promotional communications via email, you can also use the “unsubscribe” link contained in a marketing/promotional email you have previously received from ASH Fitness. Please note that email unsubscribe requests may not take effect immediately.

NOTE: Your opt-out regarding our marketing/promotional communications will not stop communications from ASH Fitness of a transactional nature or as required by law. For example, we will still send you communications regarding your account or a purchase, request or inquiry you have made with ASH Fitness, notices regarding material changes to the Active&Fit Direct Website or its information practices, and other administrative notices.

ASH is concerned about the safety of children when they use the Internet. The Active&Fit Direct product and Website are not intended for use by persons under the age of majority (e.g., under the age of 18 in California). If ASH becomes aware that a user is under the age of 18 and has provided Personal Information to ASH without prior parental consent, ASH will remove all information provided by such underage user from its database.

Security of Personal Information

In order to maintain confidentiality and safeguard the security of Personal Information, ASH has implemented company-wide policies regarding privacy, security, and confidentiality. Despite these measures, the confidentiality of your Personal Information cannot be guaranteed. We encourage you to take appropriate steps to protect your Personal Information, such as using a complex password when you register for the Program.

Third-Party Links and Services

For your convenience, the Active&Fit Direct Website may provide links to third-party websites and online services not owned or controlled by or affiliated with ASH (each, a “Linked Third-Party Website/Service”). Linking does not mean, and should not be deemed or construed to mean, that ASH endorses or approves or is affiliated with a Linked Third-Party Website/Service. ASH is not responsible for the information privacy and security policies or practices of a Linked Third-Party Website/Service. When you leave the Active&Fit Direct Website to visit a Linked Third-Party Website/Service, this Privacy Statement no longer applies, and any information collected from or about you or your device by a Linked Third-Party Website/Service will be governed by that site/service’s privacy policies and practices, which may be substantially different from those of ASH. A Linked Third-Party Website/Service may set or use its own cookies, web beacons, etc. to your computer or mobile device, and may collect information from and about you and use the information in ways that ASH would not. You access a Linked Third-Party Website/Service entirely at your own risk. You should always read the privacy policy associated with a Linked Third-Party Website/Service before disclosing any personal information. Linked Third-Party Websites may include websites operated by Service Providers identified below.

For more on Links, please see the Active&Fit Direct Terms and Conditions.

NOTE TO INTERNATIONAL USERS.

 

The Active&Fit Direct Program and Website are intended for U.S. residents. If you are outside of the United States and access the Active&Fit Direct Website or submit your Personal Information to us, please be advised that U.S. law may not offer the same privacy protections as the law of your jurisdiction. By using the Active&Fit Direct Website or submitting your Personal Information to us, you consent to the transfer to and processing of your Personal Information in the United States.

CALIFORNIA RESIDENTS: YOUR CALIFORNIA PRIVACY RIGHTS

Under California Civil Code Section 1798.83 (known as the “shine the light” law) and the California Consumer Privacy Act 1798.100-199 (known as the “CCPA”), provide California residents with specific rights related to the collection, use and disclosure of their personal information by us.

Under the “shine the light” law, California residents have a right to request an information-sharing disclosure from a business to which they have provided personal information and which has disclosed the information to any third party for third-party direct marketing uses in the prior calendar year.

While our privacy practices have adopted many of the CCPA requirements across our program, this section discusses specific rights and elements applicable to persons who are California residents at the time we collected, used or disclosed your personal information.

Your rights in relation to your information:

Right to Know: You have the right to request that ASH disclose what personal information we have collected, used, disclosed, and sold in the previous twelve (12) months.

To request this information you may fill out this form - https://go.ashcompanies.com/hubfs/RighttoKnow.pdf. You may submit this form by emailing us at the following email: HIPAA@ashn.com with the subject line “California Privacy Rights” or by mailing said form to our address below. You may also utilize your Right to Know by phone at (844) 646-2746.

ASH will verify your request by matching information provided by you in the Right to Know Form to information housed in our internal systems.

If we are unable to verify the request, we will deny the request and provide notice of such denial. ASH may also deny requests if you submit the Right to Know Form more than twice in a calendar year or if your request is not sent to the designated email, phone number, or address.

ASH will grant, deny, or respond to a request within 45 days of receipt of the Right to Know Form. If an extension of time (up to a maximum of 90 days) is required, we will notify you and provide additional information about the process.

0Right to Delete: You have the right to request the deletion of your personal information collected or maintained by the ASH.

To request this information you may fill out this form - https://go.ashcompanies.com/hubfs/RighttoDelete.pdf. You may submit this form by emailing us at the following email: HIPAA@ashn.com with the subject line “California Privacy Rights” or by mailing said form to our address below. You may also utilize your Right to Delete by phone at (844) 646-2746.

ASH will verify your request in a two-step verification process. First, ASH will match information provided by you in the Right to Delete Form to information housed in our internal systems. Second, ASH will contact you to verify your identity and confirm your request, such contact may be made by phone or email.

If we are unable to verify the request, we will deny the request and provide notice of such denial. ASH may also deny requests if you submit the Right to Delete Form more than twice in a calendar year or if your request is not sent to the designated email, phone number, or address.

ASH will grant, deny, or respond to a request within 45 days of receipt of the Right to Delete Form. If an extension of time (up to a maximum of 90 days) is required, we will notify you and provide additional information about the process.

In response to your request, ASH may deny or grant your request. If ASH grants your request, we will notify you as to which of the following methods We have used to fulfill your request. We may do one of the following: (1) permanently delete your information from our systems; (2) deidentify your information; or (3) aggregate your information in accordance with CCPA requirements.

A denial of a deletion request may occur if ASH requires the use of your personal information to complete a transaction or provide services on your behalf, to detect security incidents and prosecute those responsible, to debug and repair errors that impair existing functionality, to exercise free speech or allow you to exercise free speech or any other right, to comply with the California Electronic Communications Privacy Act, to engage in public or peer-reviewed research with informed consent if deletion would seriously impair the achievement of such research, to enable solely internal uses that are reasonably aligned with the business relationship between you and ASH, or to comply with a legal obligation.

Right to Non-Discrimination: You have the right to exercise your privacy rights to know and to delete without facing discrimination of service or product offerings. Your use of Active&Fit Direct will remain the same whether you exercise your Right to Know or Right to Delete under the CCPA.

Right to Authorize an Agent: You have the right to authorize an agent to communicate on your behalf. To authorize an agent you may fill out this form - https://go.ashcompanies.com/hubfs/AuthorizedAgent.pdf. You may submit this form by emailing us at the following email: HIPAA@ashn.com with the subject line “California Privacy Rights” or by mailing said form to our address below. You may also utilize your Right to Authorize Agent by phone at (844) 646-2746.

ASH will verify your request by matching information provided by you in the Right to Authorize an Agent Form to information housed in our internal systems.

If we are unable to verify the request, we will deny the request and provide notice of such denial.

Right to Opt-Out: ASH does not sell or knowingly share your personal information with third parties for non-permitted uses including direct marketing. California residents may send requests for information-sharing disclosure under this law by contacting us at the following email: HIPAA@ashn.com with the subject line “California Privacy Rights” or by phone (844) 646-2746 or by mail address located in the contact section below. Please note that, under this law, we are not required to respond to your request more than twice in a calendar year, nor are we required to respond to any requests that are not sent to the designated email, phone number, or address.

Additionally, should we receive CCPA-related requests that are manifestly unfounded or excessive, in particular because of their repetitive character, we reserve the ability to either charge a reasonable fee for taking the action requested or refuse to act on the request. If we refuse your request on this basis we will notify you of the reason why.

CCPA Form 2020 Metrics

 Requests to Know Requests to DeleteRequests to Opt-Out Right to Agent
Total # Received01201
# Complied with in Whole or Part0400
# Denied0801
Mean # of Days to Respond to Request09.503
# of Requests Denied because request was not verifiable, was not made by a consumer, request related to exempt information, or wrong form submitted etc.0801

*Note: Numbers above reflect requests received from all individuals, rather than requests received from consumers only.

Program Contact Information

Questions and requests may be submitted through the Contact Us feature of the Active&Fit Direct Website, or using the following contact information:

U.S. Mail

Active&Fit Direct Customer Service
P.O. Box 509117
San Diego, CA 92150-9117

By Phone

(844) 646-2746, 5:00am to 6:00pm, Monday through Friday (except for company holidays).

E-mail

afdcontactus@ashn.com

If you need assistance with or require this Privacy Statement in an alternative format, please contact us at (844) 646-2746.

Privacy and Security Contact Information

ASH has a designated Privacy Officer and an Information Security Officer to oversee our privacy and security programs. You may direct questions about these programs to these individuals by either calling (877) 427-4766 or emailing HIPAA@ashn.com.

The Active&Fit Direct Program and use of the Active&Fit Direct Website are governed by the Active&Fit Direct Terms and Conditions.