Iris—Privacy Policy

Privacy Policy

At Iris, our customer’s security on all fronts is most important to us.


Iris Health, Inc. (or “Iris,” the “Company,” “our,” “we,” or “us”) respects and values your privacy and therefore we are committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide to us when you visit or utilize or any related application, such as mobile phone application (the “Platforms”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect: (1) on the Platforms; (2) in any electronic communication between you and the Platforms; and (3) when you interact with our advertising and applications on third-party websites and services, if those advertisements or applications include links to this policy.

This policy does not apply to information collected by: (1) us offline or through any other means, including on any other website or platform operated by Iris or any third party (including our affiliates and subsidiaries); or (2) any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Platforms.

By accessing or using the platforms, you signify your agreement to these terms of use. If you do not agree to these terms of use, you shall not access or use the platforms. This policy may change from time to time. Your continued use of the Platforms after such changes are made is deemed to be acceptance of those changes. It is your responsibility to check this policy periodically for updates.

What information we collect and how we collect it

Like many other website operators, Iris collects various types of information from and about users of our Platforms. We may collect information directly and voluntarily from you when you provide it to us to use, and which you may be personally identified from, including, but not limited to: name, e-mail address, telephone number, Internet Protocol (“IP”) address, location (past or present), information concerning your health and/or medical records, or information about your request or need (“Personal Information”). We may also collect information from you that is about you individually, but does not identify you personally, including but not limited to: your browser type, your internet connection, the equipment used to access the Platforms, language preferences, referring site, additional websites requested, and the date and time of each of your requests.

Information you provide to us

Information we collect from you on or through the Platforms depends on how you utilize the Platforms and what information you agree to provide to us. We may collect information that you provide when registering to use the Platforms and/or posting materials, comments, and/or questions. We may also collect information from you when you report a problem with our Platforms, search the Platforms, or respond to queries distributed for research purposes.

*This list of information we may collect from you is illustrative, not exhaustive; the privacy policy applies to all use of the platforms.

All information posted on the Platforms and/or transmitted to others through the Platforms is done at your own risk, and may be collected and retained. Although we work diligently to protect your information and allow you to adjust your preferences through your account, no security measures are perfect. Furthermore, the Company cannot control the actions of every other user of the Platforms with whom you may choose to share your information, and thus cannot and does not guarantee that your shared and/or posted information will not be viewed by unauthorized persons.

Automatic Data Collection

To use the Platforms you do not need to submit any Personal Information other than your name, email address, phone number, and location. However, in an effort to improve the quality of the Platforms, we track information provided to us by your browser or by our software application when you view or use the Platforms, such as the website you came from (known as the “Referring URL”), the type of browser you use, the device from which you connected to the Platforms, the time and date of access, and other information that does not personally identify you. We track this information using cookies, or small text files, which include an anonymous unique identifier. Cookies are sent to your browser from our servers and are stored on the your computer’s hard drive. Sending a cookie to your browser enables us to collect Non-Personal Information about that you and keep a record of your preferences when utilizing our services, both on an individual and aggregate basis.   We may use both persistent and session cookies; persistent cookies remain on your computer after you close your session and until you delete them, while session cookies expire when you close your browser.

Location Information

The Platforms allows you to inform people predetermined by you of your location and health status when you’re at a hospital. Iris reaches out to you via push-notification to check in and make sure you’re safe. If you respond that you are fine, no one is notified. If you’re not fine, Iris informs the predetermined people that you may be at a hospital based upon your location; in such a case, Iris also provides the information needed to reach you and/or the hospital.

While the Platforms do send you push notifications, you cannot use the Service to place any calls or send any messages. However, the Platforms do provide a feature that allows you to be routed to your native calling and messaging applications.

Iris is not a health care provider

Iris is NOT a “healthcare provider” or “covered entity” under the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy Rule. Iris does not furnish healthcare in anyway, and does not bill its users for any healthcare services. Iris does not in any way diagnose medical conditions or provide medical treatments. However, by the nature of Iris and the operation and purpose of the Platforms, we may collect health and/or medical information that may be protected under HIPAA or other state and/or federal law or regulation.


You understand and acknowledge that the period of this authorization shall last so long as you continue to use the Platforms, and that you may revoke such authorization at any time by discontinuing your use of the Platforms.

How we use your information

Personal Information
Except as otherwise stated in this policy, we do not sell, trade, rent, or otherwise share for marketing purposes your Personal Information with third parties without your consent. We do share Personal Information with vendors who are performing services for the Company, such as the servers for our email communications who are provided access to users’ email address for purposes of sending emails from us.  Those vendors use your Personal Information only at our direction and in accordance with our Privacy Policy.

In general, the Personal Information you provide to us is used to help us communicate with you. For example, we use Personal Information to contact users in response to questions, solicit feedback from users, provide technical support, and inform users about promotional offers.

Non-Personal Information
In general, we use Non-Personal Information to help us improve the Platforms and customize the user experience.  We also aggregate Non-Personal Information in order to track trends and analyze use patterns on the Platforms.  This policy does not limit in any way our use or disclosure of Non-Personal Information and we reserve the right to use and disclose such Non-Personal Information to our partners, advertisers, and other third parties at our discretion.

In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Information may be among the assets transferred. You acknowledge and consent that such transfers may occur and are permitted by this policy, and that any acquirer of our assets may continue to process your Personal Information as set forth in this policy.  If our information practices change at any time in the future, we will post the policy changes to the Platforms so that you may opt out of the new information practices.  We suggest that you check the Platforms periodically if you are concerned about how your information is used, as we have no obligation to inform you directly of any changes regarding our information practices.

Disclosure of your information

We may disclose aggregated information about our users and any information that does not identify any specific individual, without restriction.

We may also disclose your personal information: (1) to comply with any court order, law, or legal process, including to respond to any government or regulatory request; (2) to ensure compliance with our Terms of Use [] and other agreements, such as billing; (3) to protect the rights, property, or safety of Iris, our customers, or others; or (4) as authorized by you during your use of the Platforms.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with the following control over your information:

Control Over The Platforms
The Platforms allow you to inform people predetermined by you of your location and health status when you’re at a hospital. Iris reaches out to you via push-notification to check in and make sure you’re safe. If you respond that you are fine, no one is notified. If you’re not fine, Iris informs the predetermined people that you may be at a hospital based upon your location; in such a case, Iris also provides the information needed to reach you and/or the hospital. In the future, Iris may provide functionality allowing you to store health and/or medical information on the Platforms, which information you may share with others as you see fit.

To Aid Doctors
In order to provide the services rendered by the Platform, we may, at your direction, share your Personal Information with doctors so that they can better provide treatment to you in the case of medical need. Any such sharing of information will be completely limited to the information that you have listed as acceptable to share.

Accessing and Correcting Your Information
You can review, change, or delete your personal information by logging into the Platforms and visiting your account profile page and/or settings page.

Data security

Iris has implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology.

We also count on you to help ensure the safety and security of your information. You should keep your password absolutely confidential and refrain from allowing others to login to your account. While we provide integration with 1Password, we cannot guarantee the security or security practices of 1Password; thus, you use such integration at your own risk. Any transmission of personal information is at your own risk. We are not responsible for the circumvention of any of the Platforms’ privacy settings or security measures.

Children’s privacy

Our Platforms are not designed for children under 13. Only persons 13 years of age or older may use the Platforms. We do not knowingly collect Personal Information from children under 13. If we discover that an individual under 13 has provided us with Personal Information, we will close the account and delete such information. If you believe we might have any information from or about a child under 13, please contact us at

Changes to our privacy policy

Iris reserves the right to change this policy and our Terms of Use at any time. We will notify you of significant changes to our Privacy Policy by sending a notice to the primary email address specified in your account and/or by placing a prominent notice on our Platforms. Significant changes will go into effect at least 30 days following such notification. Non-material changes or clarifications will take effect immediately and may be done so without notice. You should periodically check the Platforms and this privacy page for updates.

Contact information

To ask questions or comment about this privacy policy and our privacy practices, contact us at