Privacy Policy

Updated April 26 2024

Kooth’s Privacy Commitment

At Kooth USA, LLC and Kooth Digital Health ("Kooth", "we," "us," or "our"), your privacy is important to us. We create easy to access online mental health services that collaborate with you to provide compassionate and effective support. We create a welcoming space for personalized digital mental healthcare. We service users, clients, and stakeholders ("Customers").

Kooth has over 20 years of experience protecting Customers’ and users’ privacy. Kooth is proud to have developed the Soluna application (“App”), available on iOS and Android (“Soluna”). We also developed a website, SolunaApp.com, in connection with the services we provide (collectively the “Services”).

Other Kooth Services may have different privacy policies and different information practices. This privacy notice tells you how we collect, use, and share your information when you use our Services.

Personally Identifiable Information (“PII”) is your personal data. PII includes any information used to identify or contact a Soluna Service User (“User”). We only ask for the least amount of information necessary to provide our Services. We will let you know what information we use. By using our Services, you agree you have read our Terms of Use. You agree to let us use your information as described in this privacy notice and the Terms of Use. If you do not agree to these terms, please do not use the Services or provide any personal data.

Scope of this Privacy Notice

This privacy notice applies to all Services to which it links. Your PII may meet the definition of Protected Health Information ("PHI") under the Health Insurance Portability and Accountability Act under certain circumstances. When these circumstances apply, Kooth’s Notice of Privacy Practices, describes your rights under HIPAA. Even If your information is not PHI, you may have certain rights under the California Consumer Privacy Act (“CCPA”) and other laws. Privacy rights are described in this privacy notice.

Parental Consent

We are committed to protecting the privacy of children. In cases where parental consent is required please, see our "Children’s Privacy and Parental Controls" policy for more information about how we collect, store and share children’s information.

Information we Collect

We only collect information about you if we need to, for you to use our Services. This includes 1) information you provide to Kooth, and 2) information we collect automatically. This information makes your experience unique to you.

1. Information you provide to Kooth

The table below describes the types of Personally Identifiable Information (PII) we collect, how we get the information, and how we use it.

Types of PII

How we get your information

How we use your information

Information collected during registration

Information a User may supply when creating an account or updating the User profile:

Language
Unique Username
Password
Email
Zip code
Date of Birth
Pronouns (optional)
Interests (optional)
Notification preferences

You provide this information when you create an account.

Register you to use the Services
Match you with a trained professional
Provide you with information about the Services
Administer your account and provide you with support
Maintain the safety and security of our Users, Services, and business
Communicate with you for reasons such as promoting Kooth Services
Provide mandatory and permissible reporting to law enforcement or other governmental authorities (e.g., when there is the imminent threat of harm to a User or other individual)
Respond to a valid legal request
Evaluate, improve, develop, and control the Services and their quality
Conduct internal oversight

Information collected while using the Services

Information Users may voluntarily supply when using the Website or App:

Demographic Information
Sexual Orientation
Religion
Ethnicity
Information you provide during coaching sessions
Documents you may share with our trained professionals
Information you share when we provide you with support
Any information you provide during intake. This may be emergency contacts, and physical and mental health information

You provide this information when you use our services.

Provide you with the Services
Develop new products and features
Improve the Services
Conduct clinical and other academic research. For more information see “Research” below
Address concerns or complaints
Perform quality assurance and compliance activities
Provide you with help in case of an emergency

2. Information collected automatically

Kooth and its Service Providers automatically collect information when you access or use the Services. This may include IP address, device identifier, browser type, operating system, information about the use of the Service, and data about connected hardware (e.g., computer or mobile device).

Examples of how we collect information automatically:

Log information: Log information is data about use of the Services, such as IP address, browser type, Internet service provider, referring / exit pages, operating system, date / time stamps, and related data, and may be stored in log files.
Information collected by cookies and other tracking technologies: Cookies, web beacons (also known as "tracking pixels"), embedded scripts, location-identifying technologies, fingerprinting, device recognition technologies, and other tracking technologies now and hereafter developed ("Tracking Technologies") may be used to collect information about interactions with the Service or emails.

How we use your Information

In addition to the purposes mentioned above, we may use your information for the following reasons:

1. To perform services for our customers

We process your information for the following legitimate business purposes:

To set up and maintain your account.
To provide, manage, and personalize the Services.
To fulfill our obligations to the User under the Terms of Use.
To prevent and address harm and misuse.
To communicate with you about our Services, changes to this privacy notice, terms of use, and other important information, and keep you posted on improvements and new features.
To understand how you use our Services to develop new features, improve our operations, and review the quality of Service you receive.
To respond to lawful requests from public and government authorities.
To comply with applicable state/federal law.
To provide you with technical support and customer service.
To make sure Users follow the Terms of Use and any other applicable terms to which they’ve agreed.
To keep Our App safe and secure for you and Kooth.
To analyze trends, administer our Services, and track visits to the App or Website to understand what our Users are looking for and to provide better support.

2. Aggregated and de-identified data

We may use your information in a way which does not identify you. We may combine this information with the information of others who use our Services. This is called aggregated data. We may use aggregated data for operations purposes. These purposes include maintaining, managing, and improving our Services. We may share aggregate data for analysis and other business purposes. These purposes may include describing our Services to Customers and third parties; and sharing with clients, contracted providers, and agents, as permitted under applicable regulations and agreements.

3. Research

Your data may be used for research purposes to improve our operations and better support our Users. When we use your data for these purposes, your data is combined with other information, and you are not able to be identified. You may opt out at any time. From time to time, you may be asked to participate in additional surveys. We will always ask you for your permission first. These surveys may ask about your well-being, use and experience of the Services. This data may be shared with third party partners. We follow regulatory requirements when using data for research purposes and ensure any partners enter into written agreements to protect your information. We may share what we learn through reports or journal publications, but you will never be able to be identified by what we share.

4. For our own outreach purposes

We use your contact information and information about your use of our Services to:

Communicate with you and keep you updated about our products and services.
Provide you with informational content about our Services.
Deliver targeted Kooth product updates.
Send you information about the Services which we think would interest you.

You have the right to "opt-out" of promotional communications at any time. However, there are some communications we must send you, such as letting you know when this privacy notice is updated.

Information we Share

We will never sell your information. We only share information as described in this privacy notice and Notice of Privacy Practices, as applicable. In addition to the purposes listed in the section, “How we use your information”, and the chart in the section, “Information we collect”, we may share your information with your consent and for the following purposes.

1. Third-party Service Providers

Like many businesses, we hire other companies to perform certain business-related services (our "Service Providers"). We may share your personal information, aggregated, or de-identified information, with third party Service Providers with whom we enter into written contracts. These may include services related to data storage, information hosting, and disaster recovery. Service Providers act as our agents, performing services at our instruction and on our behalf. We only share the least amount of information necessary for Service Providers to perform contracted services.

2. Internally

We may share your information with our affiliates or parent company to support the Service. Personal information may be lawfully disclosed between affiliate, subsidiary, and parent organizations of Kooth, as allowed. Employees and contractors of Kooth have access to your information on a need-to-know basis.

3. Mergers and acquisitions

Kooth may share your personal information in connection with a reorganization or combination of our organization with another organization.

4. Required by law

We may share your information if required by applicable law or regulation. In certain circumstances, we may share your information to comply with a judicial proceeding, court order or other legal obligation, or a regulatory or government inquiry.

Information Users Share Publicly

You may be allowed to submit User Generated Content ("UGC") including, without limitation, written content, User profiles, audio or visual recordings, computer graphics, pictures, data, or other content, including personal information. All content is moderated. If your submitted UGC is approved, it will be published to any public area of the Service. When information is published, your UGC will be "public" and can be accessed by anyone, including Kooth and our Customers. Personal information which may be included in UGC is not subject to this privacy notice. UGC may be used and shared by Kooth, Customers, and third parties. Users should use caution when submitting UGC for moderation review and publication. For more information on UGC, see the Service’s Terms of Use.

Cookies and other tracking technology

Kooth and its Service Providers collect certain information about you automatically, as described in the section “Information we collect”. This may include IP address, device identifier, device and browser type, operating system, geographic location, and other technical information. We also collect information about how your device interacts with our Services, such as the features accessed, URL, time you visited the site and links clicked. We use this information to better understand what content interests our Users and where they come from. We collect this information through the use of cookies and web beacons as described below.

Kooth may place ads on third-party websites. As an effort to monitor the success of our advertising, we may use visitor identification tracking technology such as web beacons. Web beacons count visitors who come to Kooth’s websites after seeing an ad or banner on a third-party site. Unlike cookies, which are stored on the User’s device, Web beacons are typically embedded on web pages. Web Beacons do not monitor Users once they have logged into the Services.

A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the site again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. Cookies provide a convenience to save you time or tell the web server that you have returned to a specific page.

Cookies can expire after a session or last longer. Expiration dates are set in the cookies themselves; some may expire after a few minutes while others may expire after several years. Cookies placed by the website you are visiting, i.e., Kooth, are called “first party cookies". Third-party cookies are provided on non-Kooth websites.

There are several types of cookies.

Essential/strictly necessary cookies: Necessary for the Services to function properly.

Analytics cookies: Help us improve the Services by tracking information about visits so we can report on and improve our Services. Kooth may use Mixpanel, described below, or other Service Providers for analytic services. Service Providers may use cookies and other tracking technologies to help Kooth analyze Users’ interaction with the Services.

Advertising cookies: Tracks User activity and sessions which allow us to personalize the Services.

We may provide links to third-party websites, platforms, services, and applications through the Services. When you click on a link, the third-party may use their own cookies and tracking technology to collect information from you. Once you link to another website from the Services, you are subject to the terms and conditions of that website, including, but not limited to, its internet privacy notice. Information collected, stored, and shared by third-parties remains subject to their privacy policies and practices, including whether they continue to share information with Kooth, the types of information shared, and your choices on what is visible when you interact with the third-party website. Kooth is not responsible for, and makes no representations regarding, the policies or business practices of third-parties.

We do not recognize browser "Do Not Track" signals.

Cookies on Kooth

Cookie provider	Name of cookie	Type of cookie	Purpose of cookie	Duration of cookie
Kooth	tracking-preferences	Necessary	Used to remember the choice you made about the use of analytics or marketing cookies. This is a necessary cookie and will not be used for any gathering of information.	Session
Mixpanel	ajs_user_id	Analytic	Enables us to use tools to gather anonymous data about how you use Kooth in order to better improve our Services.	Session
Segment	ajs_anonymous_id	Advertising	Used to gather anonymous data about how you found out about Kooth to understand how to reach more Users.	Session
Illumin/ Acuity Ads	bv-campaignId	Advertising	Monitors advertising performance. These are anonymous cookies that are used to track registrations from targeted campaigns.	100 days
Illumin/Acuity Ads	auid	Advertising	Monitors advertising performance. These are anonymous cookies that are used to track registrations from targeted campaigns.	360 days
Illumin/Acuity Ads	clickid-campaignId	Advertising	Monitors advertising performance. These are anonymous cookies that are used to track registrations from targeted campaigns.	100 days
Illumin/Acuity Ads	optOutCookie	Advertising	Used to ensure you are opted-out of Acuity Ads’ cookies if you have manually opted-out.	Permanent
Illumin/Acuity Ads	aum	Advertising	Monitors advertising performance. These are anonymous cookies that are used to track registrations from targeted campaigns.	30 days

Managing cookies

Most browsers allow you to control the cookies. If you prefer not to receive cookies while browsing our website, you can set your browser to warn you before accepting cookies and refuse the cookie when your browser alerts you to its presence. This will let you decide if you want to accept it or not. However, if you limit the ability of websites to set cookies, some functionality may not be available. Browser manufacturers supply help pages related to cookie management. For more information on how to control and/or remove cookies see https://aboutcookies.org. You can remove all cookies that are already on your computer and set most browsers to prevent them from being placed.

Accessing and changing information

Kooth may provide ways for you to delete, correct, or update some of your personal information. Kooth will make good faith efforts to make requested changes in Kooth's databases as soon as practicable, but it is not always possible to completely change, remove or delete all of your information or public postings from Kooth's databases (California minors see Children's privacy and parental controls). Further, we reserve the right to keep data (a) as required by applicable law; and (b) for so long as reasonably necessary to fulfill the purposes for which the data is kept except to the extent prohibited by applicable law.

Children's and Parental Rights

Applicable law may grant children or parents the right to access, review, refuse further collection of, or delete the Personal Information collected from the child online.
Any California residents under the age of eighteen (18) who have registered to use the Service and whose anonymous moderated content was posted on the Service, can request removal by contacting privacy@kooth.com. Kooth will make reasonably good faith efforts to remove the post from prospective public view. This removal process cannot ensure complete removal, such as when content may have been shared or archived by public internet search engines.
Kids Privacy Assured by PRIVO: COPPA Safe Harbor Certification

Kooth USA LLC is a member of the PRIVO Kids Privacy Assured COPPA safe harbor certification Program (“the Program”). The Program certification applies to the digital properties listed on the certification page that are viewable by clicking on the PRIVO Seal. PRIVO is an independent, third-party organization committed to supporting online services to safeguard children’s personal information collected online. The PRIVO COPPA safe harbor certification Seal posted on this page indicates Kooth USA LLC has established COPPA compliant privacy practices and has agreed to submit to PRIVO’s oversight and consumer dispute resolution process. If you have questions or concerns about our privacy practices, please contact us toll-free at (844) 582-2111 or email privacy@kooth.com . If you have further concerns after you have contacted us, you can contact PRIVO directly at privacy@privo.com.

Information Security

Kooth will exercise reasonable efforts to safeguard the confidentiality of personal information we process. We use a combination of physical, technical, and administrative security controls to maintain the security and integrity of our Users’ information. This helps to protect against any threats to the confidentiality, integrity, and availability of your information. The controls we have in place protect against unauthorized access to or use of your information in our possession which could harm or inconvenience our Users. However, transmissions protected by industry standard security technology and implemented by human beings cannot be made absolutely secure and Kooth does not guarantee the security of your information collected through the Service.

Privacy Notice Changes

This privacy notice is effective as of the date stated at the top of this privacy notice. We may change this privacy notice from time to time and will let you know of any material changes through the Service. By accessing our Service after we make any changes to this privacy notice, you are considered to have accepted such changes. Please refer back to this privacy notice on a regular basis to review any updates.

Retention

We collect information you provide to us when you use our Services, as described in this privacy notice. Some PII you can remove yourself within the Services. We will keep other PII for as long as you have a User account. We must protect and keep this data to follow the law and contract requirements. The length of time we keep the PII depends on the type of PII and applicable law. We keep PII for as long as necessary to fulfill the purpose for which it was collected, unless otherwise required or necessary for a legitimate business purpose outlined in this privacy notice. At the end of the retention period, we will remove PII from our databases and will ask that our Business Partners remove User PII from their databases, if applicable. If there is any data we cannot remove entirely from our systems for technical reasons, we will continue to protect your information per our highest standards and prevent any further processing of your data. We may keep anonymized data indeﬁnitely.

California Residence

The California Consumer Privacy Act (“CCPA”) grants California residents added privacy rights. The CCPA does not include “protected health information”, or PHI, which is protected under the HIPAA Privacy and Security Rules. California Service User PII is considered PHI and protected under HIPAA. Our Notice of Privacy Practices explains how health information about you may be used and disclosed and how you can exercise your rights.

This section describes how Kooth protects the PII of California residents who are not Service Users. This section applies to both information that we collect through our Website or App and information created or received from other sources.

If you are a resident of California, this is information about what we collect, how we use it, and how it may be shared.

The following lists the categories of information we collect about California residents, describes how we use the information, and lists the categories of third parties with whom the information has been shared during the previous twelve months. We never sell your information.

Sources of Information	Use of Information	Sharing Information
Contact information: We collect this information directly from Website and App visitors. For example, when you supply your email address through an online form to request information about our Services.	We collect information to communicate with you, including for marketing purposes, and to run the Website and the App.	We share this information with certain Service Providers who process and use the information subject to written agreements
Information collected automatically: We collect this information automatically from a website or App visitor’s computer or device.	We collect such information to provide and improve the Website and App. Used to supply customized content based on location from a device.	We share this information with certain Service Providers who use the information to improve the Services.

Consumers have the following rights under the CCPA

Right to Know. Users can request their Personal Information and we will provide it once the request is verified. See "Exercising Your Rights" for more information.

Right to Delete. Users have the right to request the deletion of their collected Personal Information.

Right to Opt-Out of the Sale of Personal Information. We do not Sell your Personal Information.
Right to Nondiscrimination. Users have the right to exercise their CCPA rights without fear of discriminatory treatment. We will not discriminate against Users for exercising any of their CCPA rights.

Exercising Your Rights

To request account deactivation, Users can contact us at thoughts@kooth.com. To start a request to access your information, Users can contact us at privacy@kooth.com.

Only a California resident, or someone that is authorized to act on their behalf, may make a request related to their privacy rights. When selecting someone to act on your behalf, an authorization form must be provided in writing and signed by the California resident.

We will need to confirm the California resident’s identity or the identity of the authorized agent before processing the request. We will ask the California resident for more information, such as a government issued ID, to confirm the resident’s identity against information we have already collected.
Please note that California residents may only make a request for access twice within a 12-month period.

Accountability

How to contact us

If you have a question about this privacy notice, you may contact us by writing to Kooth at 167 North Green Street Chicago, IL, 60607, calling toll-free at (844) 582-2111, or by e-mail at privacy@kooth.com.

Terms of Use

If a Customer chooses to use Kooth's services, Customer's action is hereby considered acceptance of Kooth practices described in this notice and Terms of Use.