Privacy Policy

Privacy Policy

PRIVACY POLICY

WEBSITE AND MOBILE APPLICATION

Date of Last Revision: March 6^th 2026

Zerigo Health Inc. (“Zerigo,” “Our,” or “We”) respects your right to privacy and is committed to protecting your personal information. This Privacy Policy explains how Zerigo complies with federal and state privacy laws as it collects, uses, discloses, or otherwise processes personal information about or from any individual or entity (“Customer”, “User”, “Member”, “You,” or “Your”) when they are using or accessing:

• the Zerigo website, available at zerigohealth.com, and related sub-domains, subsites, and any landing pages (together with any successor site, each a "Zerigo Website");
• Zerigo’s related mobile device application (the "Zerigo Mobile App");
• any Our products offered by or through the Zerigo Website, including the Zerigo Home Phototherapy Device (“Zerigo Device”) and the Member Guide containing instructions for the use of the Zerigo Device;
• any services offered by Zerigo including those services offered in connection with Your use of the Zerigo Device and any other Zerigo Products, including the services of the Care Guides (the "Zerigo Services"); and
• any offering combining Zerigo Devices, Zerigo Products, and/or Zerigo Services, (including the Zerigo Skin Health Program individually, and collectively with other Zerigo Product(s), the "Zerigo Solution"). The above websites, applications, products, services, programs, and solutions are collectively referred to herein as the "Services".

Zerigo also obtains personal information from other persons, partners, customers, healthcare providers, employers, insurers or organizations that engage with Zerigo, use Zerigo Products or Services or offer Zerigo Services to their employees, insureds, or members. Before accessing, visiting, or using Zerigo’s Website, any Zerigo Services and/or providing Zerigo with any personal information as described in this Privacy Policy, You acknowledge that You have read, understand, and agreed to all of the terms and conditions set forth in this Privacy Policy. Zerigo reserves the right, at any time and in its sole discretion, to modify or change this Privacy Policy.

The definitions and defined terms contained in the Zerigo Terms of Use found on the Zerigo Website and the Zerigo Mobile Application (hereinafter referred to as “Terms”) are incorporated herein by reference and available at: https://www.zerigohealth.com/terms-of-use.

HOW ZERIGO COLLECTS INFORMATION ABOUT YOU

For the reasons set forth below, Zerigo collects information about You (including identifiable and non-identifiable personal data) through Your access to and/or use of Zerigo’s Websites and/or the Zerigo Services including, without limitation, (i) information You provide while accessing the Zerigo Website and/or using the Zerigo Services including during online chat sessions, (ii) information You disclose to a Care Guide or other Zerigo personnel, and/or (iii) information provided to Zerigo by Your healthcare provider, employer or insurer.

Zerigo may use technology that makes a record of Your activity on the Zerigo Website. Zerigo may also use “cookies”, “pixels”, server or web log files, mobile device software development kits, and/or other types of files or software code when You access the Zerigo Website or use the Zerigo Services to collect IP address, device type, device identifiers, browser type, browser language, web pages accessed, URLs, platform type, clicks, domain names, landing pages, the amount of time spent on particular webpages, the date and time of activity on Zerigo Websites, and other similar information. Zerigo may associate this information with Your other information for our internal use only. If You so desire, You may adjust the settings on Your web browser to limit the type of cookies allowed.

If You acquire and use the Zerigo Services, Zerigo collects personal information, including Protected Health Information (“PHI”) about You through Your use. In addition, Zerigo collects PHI and other information about you through Your communication with Care Guides (as more fully described in the Terms of Use), and from Your physician and/or other health care providers. In addition, the Zerigo Mobile App has the capacity to access functions and features on Your smart phone or other authorized device that aid in the operation of the Zerigo Device including, without limitation, the camera, microphone, calendar, messaging, and email functions. If you do not want the Zerigo Mobile App to access the additional functions on Your device You do have the ability to limit the App’s permissions.

THE TYPE OF INFORMATION ABOUT YOU THAT ZERIGO COLLECTS

1. Protected Health Information (PHI)

Zerigo may create, collect, receive, maintain, store, transmit, disclose, and/or use PHI about You. Your PHI may include, without limitation, the following: (i) the identity of physicians and/or other health care providers that have examined and/or treated You, (ii) diagnostic and symptom information about You including, without limitation, any skin conditions such as psoriasis, eczema, or vitiligo, (iii) prescriptions, treatment plans and treatment protocols applicable to Your skin conditions, (iv) medical imaging and photographs providing information about Your skin conditions, including photographs of Your treatment progress that You take using the camera on Your smart phone, (v) laboratory and other test results relating to Your skin conditions, (vi) information about Your use of the Zerigo Services (vii) information You input into the Zerigo Website and/or the Zerigo Mobile App, (viii) information You disclose to a Care Guide or other Zerigo personnel, (ix) information You disclose to Your physician and/or other health care provider about Your symptoms, diagnoses and treatment progress before, during, and/or after Your use of the Zerigo Services, (x) information about Your treatment experience and outcomes during and/or after using the Zerigo Services, (xi) information obtained from other third parties including Your insurance providers and employers.

In most instances, when Zerigo creates, collects, receives, maintains, stores, transmits, discloses, and/or uses Your PHI, we are doing so for the purposes of Your treatment. For example, Your physician or other health care provider may send us a prescription or may provide You with a hard copy of the prescription that You can provide to Zerigo. We may communicate with Your physician if he or she makes any changes to Your treatment plan or treatment protocol.

1. Personal Information

The personal information, including PHI, about You that Zerigo collects and stores may include, without limitation, Your full name, email addresses, physical addresses, age, date of birth, Zerigo Mobile App username and password, phone numbers, employer, social security number, gender, geographic information, health insurance plan information (including, insurance identification numbers) device identifiers, and other information that You provide when You are using the Zerigo Website and/or the Zerigo Services, communicating with Zerigo personnel, and/or that You provide to Your physician and/or health care providers which they then communicate to Zerigo. In addition, when You access the Zerigo Mobile App, Zerigo may access or collect other information through Your device’s camera functions including photographs selected by You, and Your location information. Zerigo may also collect Your devices’ identification information, including MAC addresses and IP addresses.

1. Zerigo Device User Support Information
2. Text Message and Similar Notifications

Zerigo may collect and store: (i) the contact information You provide to Zerigo personnel including the Care Guides, (ii) information about Your use of the Zerigo Website and the Zerigo Services, (iii) identification information such as Your user ID and password, (iv) any of the other types of information described above in this Privacy Policy, and (v) notes, recordings, and/or communications between You and Zerigo personnel.

Zerigo may collect and store the information You provide, including Your telephone number, and may send text message notifications directly to Your mobile device as part of the Zerigo Services. Zerigo may send text messages to Your mobile device to provide You with information about the Zerigo Services, additional services available to You, reminders to treat using the Zerigo Device, notices regarding the Zerigo Mobile App, and/or information about other Zerigo products or services. Text message communications require the use of public networks and/or third-party service providers and are not a secure mode of communication. You are able to manage delivery of text messages from Your text application or from Your mobile device’s settings.

WHERE ZERIGO STORES INFORMATION ABOUT YOU

All or some portion of Your personal information, including PHI, and other information about You as described above may be stored on (i) the Zerigo Device, (ii) Your computer or mobile device that You use to access the Zerigo Website, and (iii) Zerigo’s information network including, without limitation, cloud storage providers.

HOW ZERIGO USES INFORMATION ABOUT YOU

Zerigo uses Your PHI, and the other information collected about You for a variety of purposes as permitted by, required by, and/or in accordance with applicable law, including, but not limited to, the following:

• In connection with Your health care provider’s treatment of You;
• To provide You with information and to answer any questions that You may have, about the Zerigo Mobile App, the Zerigo Device, the Zerigo Services and/or other medical devices, products and/or services which are, or may be, offered or sold by Zerigo;
• To obtain a prescription from Your physician and/or other health care provider so that You may acquire and use the Zerigo Services;
• To provide You with information as needed for You to acquire and use the Zerigo Services;
• To assist You in obtaining reimbursement from insurers for Your use of the Zerigo Services although Zerigo has no control over insurers’ coverage decisions;
• To obtain information from You about your medical conditions and medical treatments;
• To manage the operation of the Zerigo Services;
• To make improvements to the Zerigo Services and/or other Zerigo products and/or services;
• To provide information to Your health care provider in connection with the treatment of Your medical conditions;
• In a de-identified format for the purposes of clinical research in compliance with applicable law;
• In an identifiable format if authorized by You for use within clinical research, in compliance with applicable law;
• To communicate with You about the Zerigo Services and/or other products or services offered by Zerigo;
• For internal quality assessment, business improvement, and product development;
• For customer service trending and analysis;
• For patient treatment adherence, longitudinal efficacy studies, and retention analysis;
• For treatment, payment, or health care operation purposes as defined in HIPAA; and/or
• For any other purpose not prohibited by applicable law.

HOW ZERIGO DISCLOSES INFORMATION ABOUT YOU

1. Permitted Sharing of Your Personal Information
2. Sharing Personal Information with Your Health Care Provider
3. Sharing Personal Information with Third Parties
4. De-Identified and Aggregate Data
5. Disclosure Required Under Law

Zerigo may disclose Your PHI and/or other personal information about You as described above, as permitted by, required by, and/or in accordance with applicable law including, without limitation: (i) to Your physician and/or other health care provider; (ii) to persons and/or entities authorized by You in writing to receive such information, such as Your health insurer; and (iii) to third parties who perform services on Zerigo’s behalf.

Zerigo will not sell or rent Your personal information to any other company or organization.

Zerigo discloses information about Your use of the Zerigo Services to Your physician and/or other health care provider including progress reports, treatment adherence and, if provided, photographs of Your treatment sites.

To facilitate the provision of services, Zerigo may share some personal information, including PHI, with third parties that we engage to perform services or functions on our behalf. For example, Zerigo uses vendors to ship You the Zerigo Device. To facilitate the shipping of the device, Zerigo will provide the shipping vendor with Your name and address. When Zerigo shares personal information with our third-party partners, we do not authorize them to use, share, or disclose Your personal information with others for purposes other than the provisions of services that they have been retained to provide.

Once personal information, including PHI, has been fully de-identified so that it cannot be tied to any specific individual, it is no longer considered personal information or PHI. Zerigo de-identifies personal information and compiles this data to create anonymous aggregate statistics. This aggregate data is used to help Zerigo continually improve the user experience and to better understand the efficacy of the Zerigo Services in the treatment of medical conditions.

Zerigo may disclose de-identified treatment information to third parties to the extent not prohibited by applicable law.

Zerigo may disclose or report information about You as permitted by, required by, and/or in accordance with applicable law: (i) if we have a good faith belief that we are required to disclose the information in response to legal process (for example, a court order, search warrant or subpoena); (ii) to comply with applicable laws, (iii) if we believe that the Zerigo Website, the Zerigo Device, and/or the Zerigo Mobile App are being used to commit a crime including, without limitation, to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction, (iv) if we have a good faith belief that there is an emergency that poses a threat to the health or safety of a person or the general public, and/or (v) in order to protect the rights or property of Zerigo.

If Zerigo sells all or a portion of its business, we may transfer all of Your information that we collected including, without limitation, PHI, to the successor organization as permitted by and in accordance with applicable law.

HOW ZERIGO PROTECTS YOUR PERSONAL INFORMATION INCLUDING PHI

Zerigo protects the personal information it has collected about You, including PHI, by using industry standard security precautions against loss, unauthorized access, destruction, misuse, modification, or disclosure. Zerigo complies with the HIPAA Security Rule requirements applicable to medical device providers (as defined in HIPAA).

Even though Zerigo takes precautions to maintain the confidentiality of Your information, it is important to keep in mind that any information that You provide to Zerigo through the Website, the Zerigo Services, e-mail, text messaging (SMS and/or MMS), voicemail, or by other means may not be secure and may be susceptible to third party interception. As a result, You understand and agree that You transmit information to us at Your own risk, and that we are not liable for any data breaches. Please refer to the warranty disclaimer and limitation of liability provisions in the Zerigo Terms of Use.

You may be required to register for an account to access the Zerigo Website and/or the Zerigo Mobile App. You will be required to download the Zerigo Mobile App to Your smart phone in order to be able to use the Zerigo Device. You will be provided with or asked to create a username and password, and to provide information relevant to Your account. You are responsible for securing the confidentiality of Your username, password, and any other account access credentials and/or information used to identify You. When choosing a password, select a combination of letters and numbers that isn’t likely to be guessed or discovered by someone. It is important that You protect and maintain the security of Your account and that You immediately notify us of any unauthorized use of Your account.

To help prevent unauthorized access, maintain data accuracy, and to protect against the inappropriate use of the information we collect, store, and transmit, Zerigo has implemented a range of technical, physical, and administrative safeguards. In accordance with HIPAA, and other applicable laws, we apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of all personal information, including PHI, which Zerigo uses, maintains, stores and/or discloses as part of the services it provides. However, as indicated above, no website, mobile application, or internet transmission is completely secure. Unauthorized access, hacking, data loss, data breach, or other types of data misuse may occur. Accordingly, any transmission of Your PHI, insurance information, and/or any other information about You provided by You, your physician, and/or other health care provider to Zerigo is at Your own risk. You acknowledge and agree that Zerigo will not be liable for any harm or damage to You or anyone else for any unauthorized access, hacking, data loss, data breach, or other type of data misuse.

RIGHT OF ACCESS TO PHI ABOUT YOU THAT ZERIGO MAINTAINS

You may choose to decline to share certain personal information with Zerigo. In addition, You may choose to revoke Your consent for Zerigo to use Your personal information for purposes other than those pertaining to Your care and treatment, payment for services and other healthcare operations.

To exercise Your right to revoke consent, contact Zerigo, in writing, at:

Zerigo Privacy Officer

c/o Hera Hub

6170 Cornerstone Court East, Suite 100,

San Diego CA 92121

Phone: 877-738-6041

Email: privacy@zerigohealth.com

You also have the right to access, inspect, and receive a copy of Your personal information maintained by Zerigo in Your designated record set. The exercise of this right is more fully explained in the Zerigo Notice of Privacy Practices. To exercise this right, submit a written request to Zerigo at the above contact information. Zerigo may charge a reasonable, cost-based fee to cover the expense of providing the requested copies.

As described above, some of the PHI about You that Zerigo collects and stores may come from Your physician and/or other health care provider in connection with their providing medical treatment to You and through other written and/or oral communications relative to Your medical treatment. Accordingly, Zerigo has no authority or means of permitting You to review and/or request changes of such information, and any such requests will have to be directed to the specific physician and/or other health care providers.

NOTICE OF MATERIAL MODIFICATIONS OR CHANGES TO OUR PRIVACY POLICY

Zerigo may make modifications or changes to this Privacy Policy from time to time. Zerigo may, but is not required to, send You notice of such modifications or changes by email, message, and/or other written communication. You will be notified of modifications and changes to this Privacy Policy through a change in the Date of Last Revision at the top of the first page of this Privacy Policy. You should always check the Date of Last Revision at the top of this Privacy Policy prior to using the Zerigo Website and/or the Zerigo Services to see if the Date of Last Revision has been changed. By continuing to use the Zerigo Website and/or the Zerigo Services after the Date of Last Revision, You agree on behalf of Yourself, Your minor child and/or any person or entity for whom You are acting to the terms of the revised Privacy Policy, with all such modifications and/or changes, and that such revised Privacy Policy shall supersede and replace any prior version applicable to Your prior use.

OUR POLICY TOWARD CHILDREN

The Zerigo Website and the Zerigo Services are not intended for use by children under the age of 13. Zerigo does not intend to or knowingly collect any personal information regarding children under the age of 13 unless a parent or guardian approves such collection and provides such information on behalf of the child. Children under the age of 13 should not use the Zerigo Website at any time and only a parent or legal guardian should use the same on behalf of the child. If we learn that we have collected personal information, or PHI, directly from a child under the age of 13, we will delete such information. Notwithstanding the foregoing, the Zerigo Website and the Zerigo Services may be used for the benefit of any minor child by the child’s parent(s) or legal guardian.

PRIVACY POLICIES OF LINKED SITES

Zerigo is not responsible for the privacy practices, security, or the content of any non-Zerigo websites or mobile apps that are linked to the Zerigo Website or the Zerigo Mobile App. If You have any questions about how these other websites or mobile apps use Your information, You should review their policies and contact them directly. Zerigo is not responsible for the actions of third-party advertisers, service providers and/or any other third parties.

YOUR CALIFORNIA PRIVACY RIGHTS

Zerigo does not knowingly disclose to third parties any personal information about You as defined in Cal. Civ. Code Section 1798.83 for the third parties’ use for its own direct marketing purposes. For further detail review the Cal. Civ. Code Section 1798.83, which sets forth rights held by California residents regarding privacy rights applicable to disclosures to third parties for direct marketing purposes. If You have any reason to believe that Zerigo may have made such a disclosure, You may request the information required in Section 1798.83 by contacting Zerigo in writing at the contact information provided above.

YOUR WRITTEN AUTHORIZATION RIGHTS

Certain uses or disclosures of Your, Your minor child, and/or any other person on whose behalf You are acting’s personal information, including PHI, may require Your specific written authorization. You agree that Your authorization may be effectuated by use of Your electronic signature, including Your electronic expression of Your agreement on the Zerigo Website and the Zerigo Mobile App to the fullest extent not prohibited by applicable law. If You change Your mind after authorizing such a use or disclosure, You may submit a written revocation of the authorization to the above contact information. However, Your decision to revoke authorization will not affect or undo any use or disclosure of information that occurred before You notified Zerigo of Your decision to revoke Your authorization.

COMPLAINTS OR QUESTIONS ABOUT PRIVACY POLICY

If You have any questions, comments, or complaints regarding Your privacy rights or concern that Your privacy rights may have been violated, contact Zerigo’s Privacy Officer, in writing, at the contact information provided above.

You will not be penalized or otherwise retaliated against for filing a complaint. To protect Your privacy and security, we will also take reasonable steps to verify Your identity before granting access or making corrections.

ACCEPTANCE OF THIS PRIVACY POLICY

THIS PRIVACY POLICY IS INCORPORATED INTO AND SUBJECT TO THE ZERIGO TERMS OF USE. BY ACCESSING, VISITING, AND/OR USING THE ZERIGO WEBSITE OR THE ZERIGO SERVICES, YOU REPRESENT AND WARRANT THAT YOU HAVE READ, UNDERSTOOD, ACCEPTED, AND AGREED TO ALL OF THE TERMS AND CONDITIONS SET FORTH IN THIS PRIVACY POLICY AND THE TERMS OF USE, ON BEHALF OF YOURSELF, YOUR MINOR CHILD (IF APPLICABLE), AND/OR ANY PERSON OR ENTITY FOR WHOM YOU ARE ACTING.