Privacy policy



Privacy policy

Effective Date: January 1, 2025
Last Updated: August 29th, 2025


1.Scope & Applicability

  • U.S.-Based Services: Outfront Health operates across the United States, including all 50 states and Washington, D.C. By using our Services from outside the U.S., you acknowledge that your data may be transferred to and processed in the U.S. under U.S. law, which may differ from your home country’s regulations.

  • Restricted Locations: Some states may impose restrictions on lab testing or health services. Access from restricted areas may be subject to limitations or cancellation. See our Terms of Service for details.

  • No Use by Minors: Services are intended for individuals 18 years or older. We do not knowingly collect data from minors. If you believe we have collected such data, contact us at support@outfronthealth.com, and we will delete that information

  • Compliance With State Laws: We aim to meet privacy requirements of all applicable U.S. state laws. If your state has more stringent requirements, we will strive to comply and welcome inquiries about your rights.


2. Introduction

Outfront Health (“Outfront,” “the Company,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal and health information. This Policy explains how we collect, use, protect, retain, and share or disclose your information and personal data when providing Services to you through our websites, applications, products, and services that link to this policy (“our Services”) and our practice for using, maintaining, and protecting, and disclosing that information. 

This policy applies only to information we collect:

  • Through the Services, which may include (1) At-home testing kits, and (2) in-home or event-based physical screenings.

  • In communications, including email, text, chat, and other electronic messages, between you and the Services.

  • When you interact with our advertising and applications (including mobile apps) on third-party websites and services, if those applications or advertising include links to this policy.

It does not apply to information collected by:

  • Us or through any other means, including on any other website operated by Company or any third party (including our affiliates and subsidiaries) that does not link to this policy; or 

  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or through the Services.

We may provide additional or different privacy policies that are specific to certain features, services, or activities.

Please read this policy carefully to understand our policies and practices regarding your information and how we treat it. By interacting with our Services or providing us with your information, you agree to the collection, use, and sharing of your information as described in this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of the Services after we make changes as described here is deemed to be acceptance of those changes, so please check the policy periodically for updates. 


Important: Our Services provide informational tools and screenings only. They do not constitute medical advice, diagnoses, or treatment from a licensed provider.


3. Key Definitions

  • Personal Data and Personal Information (collectively “PI”): Any data that identifies, describes, directly or indirectly, you as an individual, such as your name, email address, telephone number, home address, or payment information (e.g., name, contact info, test results).

  • Consumer Health Data (CHD): Health-related data such as lab results, vitals, and measurements collected during screenings.

  • Sensitive Personal Information (SPI): Includes government IDs, race, sexual orientation, health conditions, and similar data.

  • Self-Reported Health Info: Information you voluntarily provide about your health or lifestyle.

  • De-Identified Data: Health or personal data stripped of identifiers used for research, analytics, or aggregated reporting.

  • Sale/Sharing: Certain state laws define “sharing” as providing data to third parties (e.g., ad platforms), even without monetary exchange.


4. Information We Collect

4.1 Information You Provide

  • Name, contact info, birthdate, address

  • Health information, including lab results and self-reported data

  • Payment information via third-party processors

  • Communications with our team (emails, support chats)

In-Home & Event-Based Screenings:
We may collect biometrics such as blood pressure, body composition, heart rhythm (e.g., AFib), grip strength, balance metrics, or other health measurements. Data may be recorded by trained Outfront Health personnel or licensed third-party professionals.

4.2 Information We Collect Automatically

  • IP addresses, browser type, device information

  • Activity logs, session durations, referral URLs

  • Cookies, pixels, and other tracking technologies

4.3 Information from Third Parties

  • Accredited labs, including results, and testing providers

  • Shipping/logistics partners

  • Payment processors (e.g., Stripe)

  • Telehealth, pharmacy, or analytics platforms

4.5. How we Collect Your Information.

You Provide Information to Us

We collect information about you when you interact with our Services, such as when you create or update an account, place an order, subscribe, or make a purchase, participate in surveys, or promotions, create, upload, or post content to the Services, including reviews, media such as photos, videos, or audio recordings. 

Automatically Through Our Services

As you navigate through and interact with our Services, we may use automatic data collection technologies to collect information that may include personal data. Information collected automatically may include usage details, IP addresses, operating system, and browser type, and information collected through cookies, web beacons, and other tracking technologies including details of your interactions with our Services, such as traffic data, location data, logs, and other communication data, and which resources and Services features that you access and use.

We may use these automatic collection technologies to collect information about your online activities over time and across third-party sites or other online services (behavioral tracking).

Using automatic collection technologies helps us to improve our Services and to deliver a better and more personalized experience.

The technologies we use for this automatic data collection may include:

  • Cookies. A cookie is a small file placed on your device when you interact with the Services. You may refuse to accept or disable cookies by activating the appropriate setting on your browser or device. However, if you select this setting, you may be unable to access certain features of the Services. 

To the extent any of these automated technologies are considered a personal data sale, targeted advertising, or profiling, under applicable laws, depending on where you live, you may opt out from use of these automated technologies for such uses by emailing us. Please note that some Services features may be unavailable as a result.

When you interact with the Services, there are third parties that may use automatic collection technologies to collect information about your or your device. These third parties may include:

  • Advertisers, ad networks, and ad servers.

  • Accredited labs and testing providers.

  • Shipping and logistics partners

  • Payment processors

  • Telehealth, pharmacy, or analytics platforms.

  • Your internet or mobile service provider.

These third parties may use tracking technologies to collect information about you when you use the Services. The information they collect may be associated with your personal data or they may collect information, including personal data, about your online activities over time and across different websites, apps, platforms, and other online services. 

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the provider responsible directly.


5. How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal data, to:

  • Provide Service Delivery: Process orders, ship kits, deliver results, and coordinate screenings. 

  • Customer Support: Respond to inquiries and manage accounts, including notices about your account. 

  • Communications: Account alerts, transaction notices, service updates

  • Analytics & Improvement: Enhance services, research, aggregate/de-identified data

  • Marketing: Promotional emails or ads (with consent)

  • Legal & Security: Comply with laws, investigate fraud, enforce Terms

  • Informed Consent & Waivers: For certain services, you may sign additional documents outlining data use

The usage information we collect, whether connected to your personal data or not, helps us improve our Services and deliver a better and more personalized experience by enabling us to:

  • Estimate our audience sizes and usage patterns.

  • Store information about your preferences, allowing us to customize the Services according to your individual needs and interests.

  • Speed up your searches.

  • Recognize you when you return to our Services.

We may also use your information to contact you about goods and services that may be of interest to you. If you do not want us to use your information in this way, please adjust your user preferences in your account profile.

6. Who We Disclose Your Information To

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. 

We may also disclose personal data that we collect or you provide as described in this privacy policy to the following individuals for the following purposes:


  • Labs & Medical Affiliates: Only necessary data shared to fulfill orders

  • Clinicians & Mobile Screeners: Licensed professionals bound by confidentiality laws

  • Vendors, Services Providers, Affiliates, and Other Third Parties.Payment processors, shippers, analytics, support tools, all under confidentiality obligations. These are the third parties we use to support our organization and who are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them.Advertising Partners: Limited info (IP or cookie ID); opt-out available

  • Legal & Transactional: Disclosure as required by law, court order, or merger/acquisition

  • No Sale for Monetary Gain: We do not sell your data for cash; some state laws treat cross-site tracking as a “sale,” giving opt-out rights

  • For any other purpose disclosed by us when you provide the information.

We may also disclose your personal data:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

  • To enforce or apply our terms of use and other agreements, including for billing and collection purposes.

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of our organization, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

The categories of personal data we may disclose include:

  • Account and contact information.

  • Payment information.

  • Account history, including information about your subscription, account, transactions, purchases, order history, or discounts.

  • Demographic information.

  • Location information.

  • Necessary lab information to facilitate our services.

  • Device information.

  • Content and information you elect to provide to us.

  • Images, voice recordings, and videos collected or stored in connection with the Services, if you have consented to such information collection.

7. Your Rights and Choices About Your Information

This section describes mechanisms you can use to control certain uses and disclosures of your information and rights you may have under state law, depending on where you live.

Advertising, marketing, cookies, and other tracking technologies choices: 

  • Cookies and Other Tracking Technologies. You can set your browser to refuse all or some browser cookies or other tracking technology files, or to alert you when these files are being sent. You can choose whether or not to allow the Services to collect information through other tracking technologies by emailing us at the contact information at the end of this policy. If you disable or refuse cookies or similar tracking files, some Services features may be inaccessible or not function properly. Some browsers include a "Do Not Track" (DNT) setting that can send a signal to the online services you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our Services may not respond to all browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described in this policy.

  • Promotions by the Company. If you do not wish us to use your information to promote our own or third parties' products or services, you can opt out by emailing us below. 

  • Targeted Advertising by the Company. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target audience preferences, you can opt out by emailing us at the contact information at the end of this policy. 

  • Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal data with unaffiliated or non-agent third parties for advertising and marketing purposes, you can opt out by emailing the email address at the end of this policy.

We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.


8. Data Retention & Security

  • Retention: We keep data only as long as necessary to provide Services or comply with laws. De-identified data may be stored indefinitely. Samples or results may be retained per regulatory or service requirements.

  • Security: Encryption, secure servers, firewalls, and role-based access are used. No system is 100% secure; use our Services at your own risk.


9. Children’s Privacy

Services are not for those under 18. If we learn data from a minor has been collected, it will be deleted upon request. Contact support@outfronthealth.com.


10. Cookies & Tracking Technologies

  • Use of Cookies: Remember preferences, track usage, enable analytics or marketing

  • Your Choices: Control via browser settings or opt-out links

  • Do Not Track / GPC: We honor signals where required

  • Ad Partners & Opt-Outs: See our “Do Not Sell or Share My Info” page


11. Your State Privacy Rights

Depending on your state of residency, you may have certain rights related to your personal data, including: 

  • Access and Data Portability. You may confirm whether we process your personal data and access a copy of the personal data we process. To the extent feasible[ and required by state law, depending on your state], data will be provided in a portable format. Depending on your state, you may have the right to receive additional information and it will be included in the response to your access request.

  • Correction. You may request that we correct inaccuracies in your personal data that we maintain, taking into account the information's nature and processing purpose.

  • Deletion. You may request that we delete personal data about you that we maintain, subject to certain exception under applicable law.  

  • Opt Out of Using Personal Data for Targeted Advertising, Profiling, and Sales. You may request that we do not use your personal data for these purposes.

Important: The exact scope of these rights vary by state. There are also several exceptions where we may not have an obligation to fulfill your request.

State-Specific Rights and Compliance
We recognize that certain states, including but not limited to California, New York, Virginia, and Colorado, provide residents with additional privacy or consumer rights. We will comply with all applicable state laws governing the collection, use, and disclosure of personal information, including any rights related to access, correction, deletion, or opt-out of certain data practices. Where state law requires additional notices, consents, or breach notifications, we will provide them as required by your state of residence. Nothing in this Privacy Policy limits or waives any rights you may have under applicable state law, including state consumer protection or health privacy statutes.

 

To exercise any of these rights, please email support@outfronthealth.com. To appeal a decision regarding a consumer rights request email support@outfronthealth.com.

Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to process your request to opt out from certain types of data processing, including data "sales" as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.


Exercise these rights: support@outfronthealth.com

11. How We Protect Your Personal Data

We use commercially reasonable administrative, physical, and technical measures designed to protect your personal data from accidental loss or destruction and from unauthorized access, use, alteration, and disclosure. However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Services. In particular, email, texts, and chats sent to or from the Services may not be secure, and you should carefully decide what information you send to us via such communications channels. Any transmission of personal data is at your own risk. 

The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access. 

12. How We Retain Your Personal Data

We keep the categories of personal data described in this policy for as long as reasonably necessary to fulfill the purposes described or for as otherwise legally permitted or required, such as maintaining the Services, operating our organization, complying with our legal obligations, resolving disputes, and for safety, security, and fraud prevention. This means that we consider our legal and business obligations, potential risks of harm, and nature of the information when deciding how long to retain personal data. At the end of the retention period, personal data will be deleted, destroyed, or deidentified.


13. Appeals Process

If a privacy request is denied, email us with subject: “Appeal of Privacy Request.” If unsatisfied, you may file a complaint with your state Attorney General.


14. HIPAA & PHI

  • Outfront Health is not a HIPAA-covered entity, though labs, pharmacies, or telehealth partners may be.

  • PHI may be shared under HIPAA rules when Outfront Health acts as a business associate. De-identified data is not PHI.

  • You may receive a Notice of Privacy Practices from labs or clinicians.


15. Transactions & Payment Processing

  • Payments are processed via Stripe (PCI-compliant).

  • Transaction data (name, billing/shipping info, limited payment info) may be shared with vendors to fulfill orders.


16. Electronic Communications

By using Services, you consent to:

  • Emails or SMS about purchases, results, or updates

  • Marketing messages (opt-out at any time)
    Note: Email and SMS are not guaranteed secure; use at your own risk.


17. Authorization & Consent Reference

By using Services, you also provide Authorization & Consent for Diagnostic Testing, including collection, processing, and sharing of health data as described in this Policy and related documents.


18. Changes to This Privacy Policy

We may update this Policy.

  • “Last Updated” date will reflect changes

  • Major updates may be communicated via email or website notice

  • Continued use constitutes acceptance of updated terms


19. Contact Us

  • Email: support@outfronthealth.com

  • Mailing Address: Outfront Health, 15169 N Scottsdale Rd., Scottsdale, AZ 85254