Last updated: 3rd June 2025

Effective date: 3rd June 2025

This policy sets out the basis on which Hale Prevention, with our subsidiaries, our holding company, subsidiaries of our holding company from time to time (collectively called "Hale Prevention" or "we"), collects personal data from you and how we process such data.

By visiting our website https://www.joinhale.com (our "Site") or using Hale Prevention App or any other applications or software we provide from time to time (collectively our "App"), you accept and consent to the practices set out below.

1.1 For the purposes outlined in Clause 2., we may collect and process the following information about you:

(a) Information you give us - information that you provide us (which may include your name, address, email address, telephone number, credit card information and other personal description) by filling in forms on our Site or our App, or by corresponding with us (by phone, email or otherwise), for example:

(i) when you register for an account with us on our Site and in our App;

(ii) when you report any problem to us;

(iii) when you use certain features on our Site or our App;

(v) when you request any support from us; or

(vi) when you complete any survey or questionnaire we send you.

(b) Information we collect about you - information automatically collected when you visit our Site or use our App, for example:

(i) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet and your log-in information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

(ii) details of any transactions, purchases and payments you made on our Site and in our App; and

(iii) information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse overs), methods used to browse away from the page, and any phone number used to call our customer service number.

(c) Information we receive from third parties - We work with third parties and we may receive information about you from them, for example, business partners, sub contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, or credit reference agencies. We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

1.2 We only retain personal data for so long as it is necessary. Data may be archived as long as the purpose for which the data was used still exists.

2.1 We use information held about you for the following purposes:

(a) contacting you via email, push notifications, text/SMS, telephone calls, or website banners;

(b) providing, improving and developing our services;

(c) researching, designing and launching new features or products;

(d) presenting content and information in our Site and our App in the most effective manner for you and for the device you use;

(e) providing you with alerts, updates, materials or information about our services or other types of information that you requested or signed up to;

(f) collecting overdue amounts;

(g) complying with applicable U.S. federal and state laws and regulations;

(h) responding or taking part in legal proceedings, including seeking professional advice;

(i) for direct marketing purposes (please see further details in Clause 2.2 below);

(j) communicating with you and responding to your questions or requests; and

(k) purposes directly related or incidental to the above.

2.2 We intend to use your personal data in direct marketing (i.e. offering or advertising products or services by sending the relevant information directly to you). We require your consent specifically for this purpose and you may opt out any time. For the purpose of this clause:

(a) the personal data that may be used in direct marketing are those that you provide to us or we collect from you under Clause 1.1 above;

(b) the type of services or products that may be offered or advertised will be our products or services, seminars, conferences or events, and those of our affiliates or business partners.;

(c) the relevant information may be sent to you by email, in-app notification or phone call";

(d) you may opt out any time by emailing us at founders@joinhale.com. We will cease to send you marketing information without charge.

We will keep your personal data we hold confidential but you agree we may provide information to:

(a) any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries;

(b) personnel, agents, advisers, auditors, contractors, financial institutions, and service providers in connection with our operations or services (for example staff engaged in the fulfilment of your order, the processing of your payment and the provision of support services);

(c) persons under applicable U.S. federal, state, or local laws and regulations;

(d) actual or proposed transferees of our operations (or a substantial part thereof) in the U.S.

4.1 Our Site uses cookies to distinguish you from other users of the Site. This helps us to provide you with a good experience when you browse our Site and also allows us to improve our Site.

4.2 A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree to the use of cookies. Cookies contain information that is transferred to your computer's hard drive.

4.3 We use persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our Site or a partner site that uses our services. Session cookies only last for as long as the session (usually the current visit to a website or a browser session).

4.4 We use the following cookies:

(a) Strictly necessary cookies - These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.

(b) Analytical/performance cookies - They allow us to recognise and count the number of visitors and to see how visitors move around our Site when they are using it. This helps us to improve the way our Site works, for example, by ensuring that users are finding what they are looking for easily.

(c) Functionality cookies - These are used to recognise you when you return to our Site. This enables us to personalise our content for you, greet you by your name and remember your preferences (for example, your choice of language or region).

(d) Targeting cookies - These cookies record your visit to our Site, the pages you have visited and the links you have followed. We will use this information to make our Site and the information displayed on it more relevant to your interests.

4.5 You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you do so, you may not be able to access all or parts of our Site.

4.6 We may use third-party web services on our Site. The service providers that administer these services use technologies such as cookies (which are likely to be analytical/performance cookies or targeting cookies), web server logs and web beacons to help us analyse how visitors use our Site and make the information displayed on it more relevant to your interests. The information collected through these means (including IP addresses) is disclosed to these service providers. These analytics services may use the data collected to contextualise and personalise the marketing materials of their own advertising network.

Our Site, our App or our communication with you may from time to time contain links to third-party websites over which we have no control. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies or statements of these websites understand your rights. We accept no responsibility or liability for any practices of third-party websites.

6.1 All information you provide to us is stored on our secure servers.

6.2 Any payment transactions will be encrypted using TLS/SSL technology.

6.3 Where we have given you (or where you have chosen) a password that enables you to access certain parts of the Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

6.4 We restrict access to personal information to our employees, service providers and contractors on a strictly need-to-know basis and ensure that those persons are subject to contractual confidentiality obligations.

6.5 We review our information collection, storage and processing practices from time to time to guard against unauthorised access, processing or use.

6.6 Please note, however, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk.

7.1 You have the right to:

(a) check whether we hold personal data about you;

(b) access any personal data we hold about you; and

(c) require us to correct any inaccuracy or error in any personal data we hold about you.

(d) patients residing in New York and New Jersey have the right under their respective state patient billing laws to request an itemized price list from Hale for their laboratory tests.

7.2 Any request under Clause 7.1 may be subject to a small administrative fee to meet our cost in processing your request.

8.1 All inputs given during the health consult sessions are for the client's consideration and decision only.

8.2 The client will be responsible for making the decisions and acting on them to address the issues.

8.3 All implementation decisions will be made personally by the client. No one else will be held responsible for the decisions made by the client.

9.1 The information provided on the dashboard is a visualisation tool for improving your overall health and wellness only and is not intended to replace medical advice, diagnosis, or treatment.

9.2 The use of the dashboard are not intended to create, nor do they create, a doctor-patient relationship.

9.3 You should seek the advice of the ordering physician or other qualified health provider with whom you have such a relationship if you are experiencing any symptoms of, or believe you may have, any medical or psychiatric condition

9.4 You should always consult your clinician or other qualified health provider before starting any new treatment or stopping any treatment that has been prescribed for you by your clinician or other qualified health provider.

By accessing or using Hale Prevention Sites, you agree to indemnify, hold harmless and defend Hale Prevention, its subsidiaries, officers, directors, parents, employees, agents, affiliates, vendors or licensors, at all times from and against any claims, actions or demands, damages, losses, expenses and costs including, without limitation, reasonable legal and accounting fees, alleging or resulting from your use of and access to Hale Prevention Sites or Services, and/or use of the online services using your user id and/or login password or OTP, or purchase or delivery of products, or your breach of the Terms of Use.

We may amend this policy from time to time by posting the updated policy on our Site. By continuing to use our Site and our App after the changes come into effect means that you agree to be bound by the revised policy.

If you have any questions, comments or requests regarding personal data, please address them to:

Hale team, founders@joinhale.com

I understand that Telehealth is a mode of delivering health care services via communication technologies (e.g., internet or cellphone) to facilitate diagnosis, consultation, treatment, education, care management, and self-management of a patient's health care.

By acknowledging my consent below, I understand and agree to the following:

I understand that Junction and affiliate Openloop Healthcare Partners, PC offer Telehealth consultations, which are conducted through videoconferencing, telephonic, and asynchronous technology and my Telehealth provider will not be present in the room with me.

I understand there are potential risks to the use of Telehealth technology, including but not limited to, interruptions, delays, unauthorized access, and or other technical difficulties. I understand that either my Telehealth provider or I can discontinue the Telehealth appointment if the technical connections are not adequate for my visit.

I understand that I could seek an in-office visit rather than obtain care from a Telehealth provider, and I am choosing to participate in a Telehealth consultation with Junction, an affiliate of Openloop Healthcare Partners, PC, Openloop Healthcare Partners, PC, Openloop Healthcare Partners California, PC, Openloop Healthcare Partners Colorado, PC, Openloop Healthcare Partners New Jersey, PC, Openloop Healthcare Partners Wisconsin SC, Reliant.MD Medical Associates, PLLC, Reliant.MD Medical Associates California, PC, Reliant.MD Medical Associates Colorado, PC, Reliant.MD Medical Associates New Jersey, PC, Reliant.MD Medical Associates Wisconsin, SC, MECNB Physician Services, PC, MECNB Physician Services California, PC, MECNB Physician Services Colorado, PC, MECNB Physician Services New Jersey, PC, and MECNB Physician Services, SC.

To protect the confidentiality of my health information, I agree to undertake my Telehealth consultation in a private location, and I understand that my Telehealth provider will similarly be in a private location.

I understand that I am responsible for payment of any amounts due and owing resulting from my Telehealth visit.

In an emergent situation, I understand that the responsibility of my Telehealth provider may be to direct me to emergency medical services, such as an emergency room.

By acknowledging below, I certify:

that I have read this form and/or had it explained to me

that I understand the risks and benefits of a Telehealth appointment

that I have been given the opportunity to ask questions and that such questions have been answered to my satisfaction.

Adept Labs, Inc. d/b/a Junction ("Junction") provides API solutions for at-home health care. Junction contracts with enterprise customers to grant access to Junction's services to the customers' patients like you. As part of its service, Junction works with health care providers and lab testing facilities to facilitate sharing your protected health information as governed by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), 42 U.S.C. § 1320d and 45 C.F.R. § 160–164. This HIPAA Authorization is to authorize the disclosure of your information from Junction to the following enterprise customer: Hale. By signing below, you agree as follows:

1. Pursuant to HIPAA, I authorize and direct Junction to give, disclose, and release, without restriction, my medical records, lab order, and/or lab testing results to Hale.

2. The purpose of the uses and disclosures is for care coordination.

3. I understand that, with certain exceptions, I have the right to revoke this Authorization at any time. If I want to revoke this Authorization, I must do so in writing. I may revoke this Authorization by sending an email to support@tryJunction.io stating my desire to revoke my HIPAA Authorization. I understand that it may take Junction a few business days to process my revocation.

4. I understand that I may refuse to sign this Authorization, but that will prevent me from participating in Junction's services. I also understand that my health care provider cannot deny or refuse to provide treatment, payment, enrollment in a health plan, or eligibility of benefits if I refuse to sign this Authorization.

5. I understand that, once information is disclosed pursuant to this Authorization, it is possible that it will no longer be protected by applicable federal medical privacy law and could be re-disclosed by the person or agency that receives it.

6. The authority above shall supersede any prior agreement that I may have made with my health care providers to restrict access to or disclosure of my individually identifiable health information. The authority given has no expiration date and shall expire only in the event that the enterprise contract between Junction and Junction Customer terminates or I revoke the authority in writing as specified above. I understand that I have a right to a copy of this Authorization.