Effective Date: July 21, 2025
At Well App, Inc. ("Well", "we", "our", or "us"), your privacy is important.
This Privacy Policy describes how we collect, use, disclose, and protect personal data when you use our platform, services, and APIs (collectively, the “Services”).
This policy applies to personal data that Well processes in its role as a data controller (e.g., account registration, support) and as a processor (e.g., when our customers use Well to extract or route data from their own users).
If you do not agree with this Privacy Policy, you should not access or use our Services.
Account Info: Name, email address, organization name, job title, password
Billing Info: Payment method, billing address (processed via secure third-party payment processors)
Communications: Emails, support requests, surveys, and product feedback
Integration Data: Configuration details when connecting third-party services to Well
Usage Logs: Timestamps, API activity, IP address, browser headers
Device Info: Device type, OS, browser version
Telemetry: Application performance, feature usage, error rates
Cookies and Tracking: See Section 6
Our customers may upload or retrieve personal data from third-party platforms (e.g., portals, inboxes, or cloud storage) using our Services. In such cases, Well acts as a data processor and our Data Processing Agreement (DPA) applies.
We use your information to:
Provide and maintain the Services
Authenticate users and secure access
Monitor usage and detect fraud or abuse
Improve and develop new features
Send updates, notices, and support messages
Bill and collect fees
Comply with legal obligations
We may also use anonymized or aggregated data for analytics, benchmarking, or product development. This data cannot be linked to any individual.
We do not sell personal data. We only share personal data as follows:
We share data with vendors who help operate our platform (e.g., cloud hosting, customer support tools, email services). These vendors are bound by contractual obligations to protect data.
We may disclose data if required to comply with law, regulation, subpoena, or court order, or to protect Well’s legal rights, prevent harm, or enforce our agreements.
In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you of any such change in control.
We retain personal data only as long as necessary for the purposes described above, or as required by law. Retention periods vary based on data type and context.
When data is no longer needed, we will delete or anonymize it.
Depending on your location, you may have the following rights:
Right | Description |
Access | Request a copy of your personal data |
Correction | Request updates to incomplete or inaccurate data |
Deletion | Request we delete your data, subject to legal limits |
Restriction | Request limited use of your data under certain conditions |
Portability | Request a structured copy of your data in machine-readable format |
Objection | Object to processing based on legitimate interests or direct marketing |
Withdraw Consent | Withdraw consent where processing is based on it (e.g., marketing emails) |
To exercise any of these rights, please contact us at privacy@wellapp.ai. We may verify your identity before fulfilling requests.
We use cookies and similar technologies to:
Maintain login sessions
Measure usage and performance
Remember preferences
Support marketing and analytics
You can manage your cookie preferences through your browser. If you disable cookies, some features of the Services may not function properly.
We implement industry-standard security practices, including:
HTTPS and encryption at rest
Role-based access control
Regular vulnerability scanning and patching
Isolated data environments
Audit logging
No system is 100% secure, but we take reasonable steps to protect your data from unauthorized access, use, or disclosure.
Well ensure data processed on behalf of European customers is processed and stored under European contracts.
We ensure appropriate safeguards through standard contractual clauses and other legal mechanisms.
Our Services are intended for use by businesses. We do not knowingly collect personal data from children under 13. If we become aware of such data, we will delete it.
If you are a California resident, you have the right to:
Know what categories of personal data we collect and how we use them
Request deletion of your personal data
Opt out of “sale” (we do not sell personal data)
To exercise your rights, email us at privacy@wellapp.ai or use our in-app privacy portal (when available). We will not discriminate against you for exercising your rights.
If you are in the EEA, UK, or Switzerland, we process your data under the legal bases of:
Performance of a contract (e.g., providing services)
Legitimate interest (e.g., improving services, ensuring security)
Consent (e.g., marketing emails)
You may lodge a complaint with your local data protection authority if you believe we have violated your rights.
We may update this Privacy Policy from time to time. Material changes will be announced via email or in-app notices. Your continued use of the Services after updates means you accept the revised policy.
If you have any questions or concerns about this Privacy Policy or your data:
Well App, Inc. 1111B S Governors Ave STE 29109 Dover, DE 19904 Email: privacy@wellapp.ai