Privacy Policy/Notice of Privacy Practices

Effective April 3, 2024

Beta Bionics, Inc. (“Beta Bionics”, “we”, “us” or “our”) offers innovative medical technology solutions for diabetes management. Beta Bionics is focused on the design, development, and commercialization of an automated insulin delivery system composed of our FDA-approved iLet ACE Pump, iLet Dosing Decision Software, and integrated continuous glucose monitor (collectively, “iLet System”). This Privacy Policy describes how Beta Bionics processes information about you that we collect through our digital or online properties or services that link to this Privacy Policy (including, as applicable, our website located at https://www.betabionics.com/, mobile application, and social media pages) as well as our marketing activities and other activities described in this Privacy Policy (collectively, the “Service”).

Our Service is intended to help individuals seeking diabetes management solutions. This Privacy Policy covers protected health information (“PHI”) that is subject to the Health Insurance Portability and Accountability Act, as amended, and its implementing regulations (collectively, “HIPAA”). PHI is information about you, including basic demographic information, that may identify you and that relates to your past, present or future physical or mental health condition, treatment, or payment for health services.

THIS PRIVACY POLICY CONSTITUTES OUR HIPAA NOTICE OF PRIVACY PRACTICES AND DESCRIBES HOW WE COLLECT, USE, SAFEGUARD AND DISCLOSE PHI THAT IS SUBJECT TO HIPAA. THIS PRIVACY POLICY ALSO DESCRIBES YOUR ACCESS AND OTHER RIGHTS WITH RESPECT TO YOUR PHI. WE ARE REQUIRED TO ABIDE BY THE TERMS OF OUR PRIVACY NOTICE CURRENTLY IN EFFECT. PLEASE READ THIS PRIVACY NOTICE CAREFULLY.

We can provide you with a written copy at your request.

Information we collect

Information you provide to us. PHI that you may provide to us through the Service or otherwise includes:

  • Contact data, such as your first and last name, email address, mailing address and phone number.
  • Profile data, such as the username and password that you may set to establish an online account on the Service, and date of birth.
  • Health data, such as medical history, treatment and health care provider information, and other health-related data (such as insulin dosage and blood glucose levels).
  • Insurance data, including health insurance coverage and eligibility information.
  • Payment information, needed to complete transactions, including payment card information or bank account number.
  • Communications data based on our exchanges with you, including when you contact us through the Service, social media, or otherwise.
  • Transactional data, such as information relating to or needed to complete your orders on or through the Service, including transaction history.
  • Marketing data, such as your preferences for receiving Beta Bionics-related marketing communications and details about your engagement with them.
  • Other data not specifically listed here, including data inferred or derived from the categories listed in this section, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Third-party sources. We may combine PHI we receive from you with information falling within one of the categories identified above that we obtain from other sources, such as:

  • Public sources, such as government agencies, public records, social media platforms, and other publicly available sources.
  • Your healthcare provider, from whom we may receive information.
  • Service providers that provide services on our behalf or help us operate the Service or our business.

Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:

  • Device data, such as your computer or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
  • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.

For more information concerning our automatic collection of data, please see the Tracking Technologies section below.

Tracking Technologies

Cookies and similar technologies. Some of our automatic data collection is facilitated by cookies and similar technologies. For more information, see our Cookie Notice.

How we use your information

We may use your PHI for the following purposes or as otherwise described at the time of collection:

Service delivery and operations. We may use your PHI to:

  • provide the Service, including:
    • Treatment. We may use your PHI for purposes of providing your medical treatment.
    • Payment. We may use your PHI for purposes of billing and collecting payment for the Service.
    • Health Care Operations. We may use your PHI to facilitate our business’ health care operations. For example, we may review your PHI internally as part of an audit to confirm the quality of the Service.
    • You can learn more about how we disclose PHI for the abovementioned treatment, payment, and health care operations purposes in the section titled “How we share your information”.
  • enable security features of the Service;
  • establish and maintain your user profile on the Service;
  • communicate with you about the Service, including by sending Service-related announcements, updates, security alerts, and support and administrative messages;
  • communicate with our service providers (known as business associates) that will have access to your PHI in assisting us in providing the Service and that have agreed to maintain the privacy and security of your PHI; and
  • provide support for the Service, and respond to your requests, questions and feedback.

Service personalization, which may include using your PHI to:

  • understand your needs and interests;
  • personalize your experience with the Service and our Service-related communications; and
  • remember your selections and preferences as you navigate webpages.

Service improvement and analytics. We may use your PHI to analyze your usage of the Service, improve the Service, improve the rest of our business, help us understand user activity on the Service, including which pages are most and least visited and how visitors move around the Service, as well as user interactions with our emails, and to develop new products and services. For more information on analytics, see our Cookie Notice.

Marketing and advertising. We, and with your consent, our service providers, may collect and use your PHI for marketing purposes to send you direct marketing communications and may personalize these messages based on your needs and interests. You may opt out of our marketing communications as described in the Opt-out of communications section below. WHILE WE USE PHI FOR OUR OWN MARKETING PURPOSES, WE DO NOT DISCLOSE PHI TO THIRD PARTIES FOR THEIR OWN DIRECT MARKETING PURPOSES. Please note that you may see or receive advertisements and other marketing regarding our products and services provided on the basis of the content of the web page (“contextual” ads) or other types of non-PHI information.

Compliance and protection. We may use your PHI to:

  • comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas, investigations or requests from government authorities;
  • protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims or for public safety purposes);
  • audit our internal processes for compliance with legal and contractual requirements or our internal policies;
  • enforce the terms and conditions that govern the Service; and
  • prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

To create aggregated, de-identified and/or anonymized data. We may create aggregated, de-identified and/or anonymized data from your PHI and that of other individuals whose PHI we collect. We make PHI into de-identified and/or anonymized data by removing information that makes the data identifiable to you. We may use this aggregated, de-identified and/or anonymized data internally or share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.

Further uses. We will ask for consent to use your PHI for other purposes when required by law. For example, we will not use or disclose your PHI that would constitute the sale of PHI without written authorization signed by you or your personal representative. Once you sign an authorization, you may revoke it by contacting us as described below. However, any use or disclosure of your PHI already taken in reliance on your authorization prior to your revocation cannot be reversed.

Retention

We generally retain PHI to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for PHI, we may consider factors such as the amount, nature, and sensitivity of the PHI, the potential risk of harm from unauthorized use or disclosure of your PHI, the purposes for which we process your PHI and whether we can achieve those purposes through other means, and the applicable legal requirements.

How we share your information

We may share your PHI with the following parties and as otherwise described in this Privacy Policy, in other applicable notices, or at the time of collection.

Service providers, such as third parties that provide services on our behalf or help us operate the Service or our business (such as SaaS services, hosting services, shipping services, information technology, customer support, email delivery, marketing, consumer research and website analytics).

Healthcare providers, in order to coordinate your medical care or treatment.

Family and friends, who are involved in your medical care, including those who are responsible for paying for your care.

Personal representatives, as established under applicable law, or to the administrator or authorized individual associated with your estate.

Health plans, for example to confirm your eligibility for coverage.

Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others, such as law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the Compliance and protection purposes described above.

Business transferees, in the context of actual or prospective business transactions (e.g., investments in Beta Bionics, financing of Beta Bionics, public stock offerings, or the sale, transfer or merger of all or part of our business, assets, or shares). For example, we may need to share certain PHI with prospective counterparties and their advisers. We may also disclose your PHI to an acquirer, successor, or assignee of Beta Bionics as part of any merger, acquisition, sale of assets, or similar transaction, and/or in the event of an insolvency, bankruptcy, or receivership in which PHI is transferred to one or more third parties as one of our business assets.

Your PHI rights

You have the following rights with respect to your PHI:

  • You have the right to request restrictions on certain uses and disclosures of your PHI.  We will consider every request to restrict uses or disclosures of your PHI and will strive to honor those that are reasonable.  However, we are not legally required to honor each request unless the requested restriction involves a disclosure not required by law to a health plan for purposes of payment or health care operations, and you have paid for the applicable services in full, out of pocket.  With respect to any requested restriction, if we agree to honor the request, we will document such restriction and continue to abide by it.
  • You have the right to receive confidential communications of your PHI.  Specifically, you may request that we communicate with you about your PHI using a specific means, phone number, or address.  We will accommodate reasonable requests regarding confidential communications of your PHI.
  • Subject to applicable state law, you have the right to inspect and copy your PHI.  You also have the right to access and receive your PHI electronically if readily producible in such format.
  • You have the right to correct or update your PHI.  If you believe that there is an error in your PHI, you may request that we update it as appropriate.
  • You have the right to receive an accounting of certain disclosures of your PHI that we make.  Upon receipt of such request, we will provide you with a list of disclosures we have made in the prior six (6) years, not including certain types of disclosures such as, by way of example only, those made directly to you or pursuant to your written authorization.
  • You have the right to obtain a paper copy of this Privacy Policy upon request.

To exercise any of these rights, please contact us as described below.

Your choices

Access or update your information. If you have registered for an account with us through the Service, you may review and update certain account information by logging into the account.

Opt-out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. Please note that if you choose to opt out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.

If you receive text messages from us, you may opt out of receiving further text messages from us by replying STOP to our message. You may also text STOP to 855-745-3800.

Cookies. For information about cookies employed by the Service and how to control them, see our Cookie Notice.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Declining to provide information. We need to collect PHI to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Delete your account. If you wish to request to close your account, please contact us.

Other sites and services

The Service may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use.

Security

We employ technical, organizational, and physical safeguards designed to protect the PHI we collect. However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your PHI. We are required under HIPAA to notify you in the event that your PHI is subject to a security breach unless we reasonably determine that, after investigating the situation and assessing the risk presented, there is a low probability that the privacy or security of your PHI has been compromised.  You will be notified without unreasonable delay and in no event later than sixty (60) days following discovery of such type of security breach.  Such notification will include information about the security breach, including steps that we have taken or will take to mitigate potential harm, and a contact person to whom you may address additional questions.

International data transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your PHI may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

Children

To sign up for the Service, users must be at least 13 years of age. A parent, guardian, or personal representative of a child who is under 13 years of age must sign up on behalf of the child for the child to use our Service and provide the information about the child necessary for use of our Service. If you are a parent, guardian, or personal representative of a child from whom you believe we have collected PHI in a manner prohibited by law, please contact us. If we learn that we have collected PHI through the Service from a child without the consent of the child’s parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service or other appropriate means. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting), and we reserve the right to make the new Privacy Notice provisions effective for all of your PHI that we maintain. We will also provide you with a copy of the updated Privacy Notice at your request.

How to contact us

If you have any questions or comments about this Privacy Policy, or if you have any complaints about our privacy practices, please contact us as described below. You may also file a complaint with the Secretary of the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint.

Email: privacy@betabionics.com

Mail: Attn: Legal Department
11 Hughes, Irvine, CA 92618

MM000061_A
