California Privacy Notice

Last Updated: March 2020

This California Privacy Notice supplements the information contained in our Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California or are otherwise protected by the California Consumer Privacy Act of 2018 (the “CCPA”) (”consumers” or “you”). We adopt this notice to comply with the CCPA and any terms defined in the CCPA have the same meaning when used in this notice.

Information We Collect
Our Site and App collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (”personal information”). In particular, we collect the following categories of personal information from our consumers, and have collected such personal information from consumers for the past twelve (12) months:

Category of Information Examples Purposes for which Information is Used
A. Identifiers Consumer name, postal address, Internet Protocol address, email address, account name, or other similar identifiers • To set up your account and to provide our Services.
• To identify and authenticate your access to certain features of the Services
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, physical characteristics or description, address, telephone number, credit card number, debit card number or medical information. Some personal information included in this category may overlap with other categories. • To allow you to obtain relevant information about health and provide you tools to manage it.
• To personalize our recommendations for better management of your diabetes, nutrition, medicines, etc. (including through our community learning tools, Apple’s HealthKit, etc.).
• To allow you to make purchases through the Services and carry out transactions which you request.
• To transfer or share, against payment or free of charge, aggregated information, un-
DLP-0099 RevA
identifiable Personal Information and/or anonymized information to or with third parties for their legitimate purposes.
C. Protected classification characteristics under California or federal law. Age (40 years or older), medical condition, physical or mental disability, sex (including gender, gender identity, pregnancy and related medical conditions) • To personalize our recommendations for better management of your diabetes, nutrition, medicines, etc. (including through our community learning tools, Apple’s HealthKit, etc.).
D. Commercial information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies • To optimize the Site, our Services and your experience.
• To communicate with you in order to keep you informed of our latest updates and features.
• To personalize our recommendations for better management of your diabetes, nutrition, medicines, etc. (including through our community learning tools, Apple’s HealthKit, etc.).
• To identify and authenticate your access to certain features of the Services.
• To perform research or to conduct analytics in order to improve and customize our Services to our users’ needs and interests.
• To market our products and services to you (to the extent permitted under HIPAA).
E. Internet or other similar network activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. • To optimize the App and Site, our Services and your experience.
F. Geolocation data Physical location or movements. • To personalize our recommendations for better management of your diabetes, nutrition, medicines, etc. (including through our community learning tools, Apple’s HealthKit, etc.)
• To send you reminders based on your location and activity (including through SDKs)
G. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. • To personalize our recommendations for better management of your diabetes

Source from Which Personal Information is Collected
We obtain the categories of personal information listed above from the following categories of sources:

Voluntary information: We collect information which you provide us voluntarily. For example, when you register to our Services, pay for our Services, respond to communications from us, contact our support, communicate with us via email or the Services or share additional information about yourself or about others through your use of the Services.
Device Information: We may also collect personal information from your device (e.g. geolocation data, IP address) and information on your activity on the Services (e.g. pages viewed, online browsing, clicks, actions, etc.).
Third parties’ Software Development Kits (“SDKs”): Within our App, we may use SDKs provided by third parties. If you grant us your explicit consent to such use and integration (through the App), we may gather additional Personal Information about your activities, location and behavior, such as Wi-Fi, Bluetooth, accelerometer, gyroscope, GPS, etc. For additional information about SDKs we advise you to visit the third parties’ website(s) to learn more. In our App, we use an SDK from Facebook Inc. The Facebook SDK allows you to login to our App using your Facebook login.

Sharing Personal Information
We may disclose your personal information to a third party for any of the business or commercial purposes set forth in this Privacy Notice or in the Dario Privacy Policy (each, a “Business Purpose.” When we disclose personal information for a Business Purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

We disclose each of the following categories of personal information to the categories of third parties listed opposite to it:

Category Disclosed Category of Third Party
A. Identifiers • Service providers
• Third parties to whom you authorize us to disclose your personal information
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). • Service providers
• Third parties to whom you authorize us to disclose your personal information
C. Protected classification characteristics under California or federal law. • Third parties to whom you authorize us to disclose your personal information
D. Commercial information • Our affiliates
E. Internet or other similar network activity
F. Geolocation data • Our affiliates
• Third parties to whom you authorize us to disclose your personal information
G. Inferences drawn from other personal information. • Third parties to whom you authorize us to disclose your personal information

For additional information about entities with whom we share personal information we collect, please visit our Privacy Policy.

Sales of Personal Information
In the preceding twelve (12) months, we had not sold personal information. We do not sell the personal information of minors under 16 years of age without affirmative authorization.

Your Rights and Choices under the CCPA
The CCPA provides consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and verify your request (see our procedures for “Making Requests” below), we will disclose to you:
• The categories of personal data we collected about you.
• The specific pieces of personal information we collected about you.
• The categories of sources from which we collected your personal information.
• Our business or commercial purpose for collecting that personal information.
• The categories of third parties to whom we disclosed your personal information for a business purpose.

Right to Request Deletion of Personal Information
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and verify your request (see our procedure for “Making Requests” below), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your request for deletion of personal information if retaining the information is necessary for us or our service provider(s) to:
• Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
• Debug products to identify and repair errors that impair existing intended functionality.
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Making Requests
In order to make a request either to access, transfer or delete any of your personal information, please give us a call at our toll-free number: 1-800-895-5921 or click HERE to submit an online request.

You may also submit a written request containing your name, current address, current phone number, email address and the specific request, to
Labstyle Innovation Ltd.
Customer Support
142 W. 57th Street, 11th Floor
New York, NY 10019

or email us at: support@mydario.com

You may only make a request for access or data portability twice within a 12-month period. The request must:
• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized agent of that person.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

If we receive from you a verifiable request to delete your personal information, we will contact you to ask you to confirm that request. Only upon receipt of that confirmation will we delete your personal information.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a request to verify the requestor’s identity or authority to make the request.

You have the right to designate an agent to exercise these rights on your behalf. If you wish to allow a designated person to act on your behalf, please click HERE to submit your request.

Response Timing and Format
We will notify you of our receipt of your request within ten (10) days. We will endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to additional 45 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically by electronic mail communication. We will not honor requests for specific pieces or categories of personal information if we cannot verify your identity.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Please note that we will not disclose to you the following information under any circumstances:
• Any information for which disclosure creates a substantial, articulable and unreasonable risk to the security of your personal information, your account with us, or the security of our systems or networks;
• Your Social Security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, account password, or security questions and answers; and
• Any information for which disclosure would conflict with federal or state law, or the order of a court, administrative agency, or arbitration panel.

Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us.

Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Site and App and update the notice’s effective date. Your continued use of our Services following the posting of changes constitutes your acceptance of such changes.

Contact Information
If you have any questions or comments about this notice, the ways in which we collect and uses your information described above, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us as follows:

Labstyle Innovation Ltd
Customer Support
142 W. 57th Street, 11th Floor
New York, NY 10019

Email: support@mydario.com

Toll-Free: 1-800-895-5921

DLP-0099 RevA