ACCESS
Modern Health provides individuals with reasonable access to personal data that Modern Health retains about them, and also provides a reasonable opportunity to correct, amend or delete information where it is inaccurate or has been processed in violation of the Privacy Shield Principles. Modern Health may limit or deny access to personal data where the burden or expense of providing access would be disproportionate to the risks to the individual in the case in question, or where the rights of persons other than the individual would be violated. If you require access to your personal data to correct, amend, or delete your personal data, please contact us as described below.

CHOICE
Modern Health generally offers individuals the opportunity to choose whether their personal data may be (i) disclosed to third-party data controllers or (ii) used for a purpose that is materially different from the purposes for which the information was originally collected or subsequently authorized by the relevant individual. To the extent required by the Privacy Shield Principles, Modern Health obtains opt-in consent for certain uses and disclosures of sensitive data, including information relating to health or ethnicity. Individuals may contact Modern Health as described below regarding Modern Health’s use or disclosure of their personal data. Unless Modern Health offers individuals an appropriate choice, Modern Health uses personal data only for purposes that are materially the same as those indicated in this Policy.

ONWARD TRANSFER
We are responsible for ensuring that our agents, service providers and other third parties to whom we disclose your personal data process the information in a manner consistent with our obligations under the EU-U.S. and Swiss-U.S. Privacy Shield Principles. Accordingly, Modern Health requires third party-controllers to whom it discloses personal data to contractually agree to (i) only process the personal data for limited and specified purposes consistent with the consent provided by therelevant consumer, (ii) provide the same level of protection for personal data as is required by the Privacy Shield Principles, and (iii) notify Modern Health and cease processing personal data if the third party controller determines that it cannot meetits obligation to provide the same level of protection for personal data as is required by the Privacy Shield Principles. With respect to transfers of personal data to third-party processors, Modern Health (i) enters into a contract with each relevant processor, (ii) transfers personal data to each such processor only for limited and specified purposes, (iii) ascertains that the processor is obligated to provide the personal data with at least the same level of privacy protection as is required by the Privacy Shield Principles, (iv) takes reasonable and appropriate steps to ensure that the processor effectively processes the personal data in a manner consistent with Modern Health’s obligations under the Privacy Shield Principles, (v) requires the processor to notify Modern Health if the processor determines that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield Principles, (vi) upon notice, including under (v) above, takes reasonable and appropriate steps to stop and remediate unauthorized processing of the personal data by the processor, and (vii) provides a summary or representative copy of the relevant privacy provisions of the processor contract to the Department of Commerce, upon request. Modern Health remains liable under the Privacy Shield Principles if the company’s third-party processor onward transfer recipients process relevant personal data in a manner inconsistent with the Privacy Shield Principles, unless Modern Health proves that it is not responsible for the event giving rise to the damage.

RECOURSE AND ENFORCEMENT
In compliance with the Privacy Shield Principles, Modern Health commits to resolve complaints about our collection or use of your personal data. EU, UK and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Modern Health at legal@joinmodernhealth.com. Modern Health has committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you. For purposes of enforcing compliance with the Privacy Shield, Modern Health is subject to the investigatory and enforcement authority of the US Federal Trade Commission. Under certain conditions, more fully described on the Privacy Shield website (https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint), you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

HOW TO CONTACT MODERN HEALTH
To contact Modern Health with questions or concerns about this Policy or Modern Health’s personal data practices please contact us at legal@joinmodernhealth.com.