Consumer Health Data Privacy Policy

Consumer Health Data Privacy Policy

Last Updated: April 2024

This notice supplements the Nuance Privacy Statement and applies to personal data defined as “consumer health data” subject to the Washington State My Health My Data Act (MHMDA), the Nevada Health Data Privacy Act (NHDPA), or other applicable state law.

Consumer Health Data We Collect

As described in the What Personal Data Do We Collect(Open a new window) section of the privacy statement, the data we collect depends on the context of your interactions with Nuance and the choices you make (including your privacy settings), the products and features you use, your location, and applicable law. Because consumer health data is defined very broadly, many of the categories of data we collect could also be considered consumer health data.

Examples of consumer health data, if not otherwise excepted from the MHMDA, may include:

  • Information about your health‑related conditions, symptoms, status, diagnoses, testing, or treatments (including surgeries, procedures, medications, or other interventions). For example, we may collect such information through surveys or other communication with you for research studies and improving product accessibility.
  • Measurements of bodily functions, vital signs, or characteristics, including photographs, which may also be considered biometric data under the MHMDA, the NHDPA or other applicable state law.
  • Precise location information that could reasonably indicate your attempt to acquire or receive health services or supplies.
  • Information that could identify your attempt to seek health care services or information, including services that allow you to assess, measure, improve, or learn about your or another person’s health.
  • Other information that may be used to infer or derive data related to the above or other health information.

Sources of Consumer Health Data

As described further in the What Personal Data Do We Collect(Open a new window) section of the privacy statement, we collect personal data (which may include consumer health data) directly from you, from your interactions with our products and services, from third parties, and from publicly available sources.

Why We Collect and Use Consumer Health Data

We collect and use consumer health data for the purposes described in the How we use personal data(Open a new window) section of the privacy statement. Primarily, we collect and use consumer health data as reasonably necessary to provide you with the products you have requested or authorized. This may include delivering and operating the products and their features, personalization of certain product features, ensuring the secure and reliable operation of the products and the systems that support them, troubleshooting and improving the products, and other essential business operations that support the provision of the products (such as analyzing our performance, meeting our legal obligations, developing our workforce, and conducting research and development).

We may use consumer health data for other purposes for which we give you choices and/or obtain your consent as required by law—for example, for advertising or marketing purposes. See the Control of Your Personal Data(Open a new window) section of the privacy statement and the How to Exercise Your Rights section below for more details on the controls and choices you may have.

Our Sharing of Consumer Health Data

We may share each of the categories of consumer health data described above for the purposes described in the Why We Use Personal Data(Open a new window) section of the privacy statement. In particular, we may share personal data, including consumer health data, with your consent or as reasonably necessary to complete any transaction or provide any product you have requested or authorized, as described above.

For example, we share your content with third parties when you tell us to do so. If you make a purchase, we will share information about the transaction as necessary to process the payment, including protection against fraud. And we may disclose data when we believe that doing so is necessary to comply with applicable law or respond to valid legal process.

Third Parties With Which We Share Consumer Health Data

As necessary for the purposes described above, we share consumer health data with the following categories of third parties:

  • Service providers. Vendors or agents (“processors”) working on our behalf may access consumer health data for the purposes described above. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to data to provide those functions.
  • Business partners. We may share consumer health data with other companies, for example, where you use a service that is cobranded and jointly operated with another company, or where you use our services to interact with another company.
  • Financial institutions & payment processors. When you make a purchase or enter into a financial transaction, we will disclose payment and transactional data to banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, analytics, or other related financial services.
  • Parties to a corporate transaction. We may disclose consumer health data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
  • Affiliates. We enable access to data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access helps us to provide our services and operate our business. A full list of specific affiliates is available here(Open a new window).
  • Government agencies. We disclose data to law enforcement or other government agencies when we believe doing so is necessary to comply with applicable law or respond to valid legal process.
  • Other third parties. In certain circumstances, it may be necessary to provide data to other third parties, for example, to comply with the law or to protect our rights or those of our customers.
  • Other users and individuals. If you use our services to interact with other users of the service or other recipients of communications, we will share data, including consumer health data, as directed by you and your interactions.

How to Exercise Your Rights

You may have certain rights with respect to consumer health data, including rights to access, delete, or withdraw consent relating to such data, subject to certain exceptions. You can request to exercise such rights using the various tools and mechanisms described in the Control of Your Personal Data(Open a new window) section of the privacy statement. You can contact Nuance at the contact information in the Contact Us(Open a new window) section or by using our web form(Open a new window).

If your request to exercise a right is denied, you may appeal that decision by contacting our privacy support team via our web form(Open a new window). If your appeal is unsuccessful, you can raise a concern or lodge a complaint with the Washington State Attorney General at www.atg.wa.gov/file-complaint(Open a new window), the Nevada State Attorney General at https://ag.nv.gov/complaints/file_complaint/(Open a new window), or other regulatory authority as applicable.