Privacy Policy

Last Update: September 12, 2025

Wondr Health

eM Life

Privacy Policy

Effective Date: September 12, 2023

Last Updated: September 12, 2023

NS412, LLC dba Wondr Health and its wholly-owned subsidiary eMindful, LLC (collectively, “Wondr Health”, “we”, “us” or “our”) respects your right to privacy. This Privacy Policy is designed to inform you about how we collect, use and share Personal Information (i.e., information reasonably related to a specific individual), including Personal Information collected in person, by phone, through mail or email or through our website www.emindful.com, any other Wondr Health-owned and/or operated website, mobile sites, mobile applications or social media accounts (collectively, our “Services”). This Privacy Policy is not a contract and does not create any contractual rights or obligations.

A Note About Protected Health Information

When you use the Services (i) as a participant in a group health or welfare plan sponsored or administrated by a Wondr Health client, (ii) to receive services from Wondr Health that are reimbursable by your health insurance or other benefit plan, or (iii) use the Services to access healthcare services from independent third-party healthcare providers, we may collect protected health information (“PHI”) about you that is governed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

This Privacy Policy does not apply to PHI we collect about you. Instead: (a) PHI we collect about you as a participant in a group health or welfare plan sponsored or administered by a Wondr Health client, or as a recipient of healthcare services provided by an independent third-party healthcare provider who you access through the Services, is subject to the Notice of Privacy Practices of your group health or welfare plan or the applicable third-party healthcare provider and any contractual arrangement we have with such Wondr Health client or independent third-party healthcare provider; and (b) PHI we collect about you as a recipient of nutrition services from Wondr Health that are reimbursable by your health insurance or other benefit plan is subject to Wondr Health’s Notice of Privacy Practices at located here.

Please review the Notice of Privacy Practices applicable to your relationship with Wondr Health to understand how your PHI can be used and disclosed.

Processing of Personal Information

1. Sources of Personal Information

We collect Personal Information about you from the following sources:

We collect Personal Information you provide directly to us. For example, we collect Personal Information when you: interact with Wondr Health in person, by phone or through mail, register for an account, participate in any interactive features of the Services, subscribe to a newsletter or email list, participate in a survey, contest, promotion or event, request customer support, purchase any product or service, or otherwise communicate with us.

When you access or use the Services, we may automatically collect Personal Information or inferences about you, such as through cookies and other tracking technologies. This may include information about how you use and interact with our Services, information about your device, and internet usage information. See the “Cookies and Other Tracking Technologies” section below for more information.

We may collect Personal Information that third parties provide us. For example, we may collect information about you when you use any device that integrates with the Services. We may also receive information from your employer or insurance plan. Additionally, we may collect information about you when you post content to our pages or feeds on third party social media sites.

We may collect Personal Information about you from publicly available sources, such as public profiles and websites.

We may combine information we collect through each channel of collection together to create your profile. We may collect and store information about your purchases your billing information. We may also collect limited payment information from you, such as payment method and payment card information; however, we do not store full payment card numbers on our servers. Our third-party payment processor collects and processes all payment card transactions on our behalf.

2. Types of Personal Information we collect

We may collect the following types of Personal Information:

A. Identifiers, such as your name, email address, physical address, telephone number, business contact information, and device identifiers (e.g., cookie IDs and IP address).

B. Records about you, such as the content, timing and method of communications you have with us, including in online chats, calls, and emails; and information you share with or upload to our Services, such as reviews and comments.

C. Demographic information, such as age (including birthdates) and gender.

D. Commercial information, such as information related to your transactions; products or services purchased, obtained, or considered; subscription information; or other purchasing or consuming histories or tendencies.

E. Biometric information, such as a fingerprint or face scan.

F. Internet or other electronic network activity information, such as your browsing history, search history, preference information (including marketing and purchasing preferences), account settings (including any default preferences), and other information regarding your interactions with and use of the Services. For more information about cookies and other device data, please see Section 6 (Cookies and Other Tracking Technologies).

G. Non-precise geolocation data, such as your location as derived from your IP address.

H. Audio, electronic, visual, or other sensory information, such as photographs and audio/video recordings.

I. Professional or employment-related information, such as job title; organization; professional licenses, credentials, or affiliations; and other professional information.

J. Education information.

K. Inferences drawn from any of the information we collect about your preferences or behavior, including to assess the level of interest in our products and services based on frequency of visits and contact and determine your preferred frequency for receiving offers.

L. Sensitive Personal Information, including the following:

  1. Social Security number, driver’s license number, or passport number.
  2. Precise geolocation.
  3. Racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership.
  4. Content of mail, email, and text messages where we are not the intended recipient (such as messages that we host but are not sent to us).
  5. Information about your health.
  6. Information concerning your sex life or sexual orientation.
  7. Citizenship, citizenship status, or immigration status.

3. Use of Information

We may use your information for various purposes related to our operations and your use of the Services. For example, we may use your information to:

A. To provide you products and services, such as making our Services, products and services available to you; registering, verifying, and maintaining your account with us; providing and delivering you the goods and services you request, including facilitating our rewards programs; providing customer service; processing or fulfilling orders and transactions (including processing payments); verifying customer information and eligibility for certain programs or benefits; communicating with you (including soliciting feedback or responding to requests, complaints, and inquiries); hosting informational webinars; and providing similar services or otherwise facilitating your relationship with us.

B. For our internal business purposes, such as day-to-day operation of our business; maintaining internal business records, such as accounting, document management and similar activities; enforcing our policies and rules; management reporting; auditing; and IT security and administration.

C. For our internal research and product improvement purposes, such as verifying or maintaining the quality or safety of our products or services; improving our products or services; designing new products and services; evaluating the effectiveness of our advertising or marketing efforts; and debugging and repairing errors with our systems, networks, and equipment.

D. For legal, safety or security reasons, such as complying with legal, reporting, and similar requirements; investigating and responding to claims against us, our personnel, and our customers; for the establishment, exercise or defense of legal claims; protecting our, your, our customers’, and other third parties’ safety, property or rights; detecting, preventing, and responding to security incidents and health and safety issues (including managing spread of communicable diseases); and protecting against malicious, deceptive, fraudulent, or illegal activity.

E. In connection with a corporate transaction, such as if we acquire assets of another business, or sell or transfer all or a portion of our business or assets including through a sale in connection with bankruptcy and other forms of corporate change.

F. For marketing and targeted advertising, such as marketing our products or services or those of our affiliates, business partners, or other third parties. For example, we may use Personal Information we collect to personalize advertising to you (including by developing product, brand, or services audiences and identifying you across devices/sites); to analyze interactions with us or our Services; or to send you newsletters, surveys, questionnaires, promotions, or information about events or webinars. You can unsubscribe to our email marketing via the link in the email or by contacting us using the information in Section 16below.

When you submit content (such as a post or comment or public chat) to the Services, any visitors to and users of our Services may be able to see that content, the username associated with the content, and the date and time you originally submitted the content. Although some parts of the Services may be private, other parts of the Services are public and you should take that into consideration before posting to the Services.

We also may use aggregated or de-identified information, which cannot reasonably be used to identify you. Once de-identified and aggregated so that data does not personally identify you (for example, we may aggregate data in order to improve our automation and improve care), it is no longer Personal Information. Such de-identified and/or aggregated information which does not identify individuals is not subject to this Privacy Policy.

4. Sharing of Information

We may share Personal Information with third parties, including the categories of recipients described below:

A. Affiliates and subsidiaries, including parent entities, corporate affiliates, subsidiaries, business units, and other companies that share common ownership.

B. Service providers thatwork on our behalf to provide the products and services you request or support our relationship with you, such as IT providers, internet service providers, web hosting providers, data analytics providers, and companies that provide business support services, financial administration, or event organization.

C. Professional consultants, such as accountants, lawyers, financial advisors, and audit firms.

D. Vendors necessary to complete transactions you request, such as shipping companies and logistics providers.

E. Law enforcement, government agencies, and other recipients for legal, security, or safety purposes, such as when we share information to comply with law or legal requirements, to enforce or apply our Terms of Use and other agreements or policies, and to protect our, our customers’, or third parties’ safety, property, or rights.

F. Other entities in connection with a corporate transaction, such as if we acquire assets of another entity, or sell or transfer all or a portion of our business or assets including through a sale in connection with bankruptcy and other forms of corporate change.

G. Business partners that may use Personal Information for their own purposes, such as:

H. The public, such as when you have an opportunity to make comments regarding us or our products that we may share with the public, including comments on our blog posts and reviews on our product pages. Any Personal Information in comments, reviews, or other content that you share in public areas of our Services may be read, collected, or used by other users or the public.

I. Entities to which you have consented to the disclosure.

We also may share aggregated or de-identified information, which cannot reasonably be used to identify you and is not subject to this Privacy Policy.

5. Links to Third-Party Websites

The Services may contain links to third-party content, services or products by linking to a third-party’s website. If you click on a third-party link, you will be directed to that third-party’s website. Wondr Health does not exercise control over third-party websites and is not responsible for the privacy practices or the content of any third-party websites. Please note that if you provide any information to parties who provide services to us or to any other sites you encounter on the Internet (even if these sites reflect our branding), different rules and policies may apply to their use or disclosure of any Personal Information you disclose to them. This Privacy Policy does not apply to information collected through or by any third party (including your employer or insurance provider). We encourage you to check the privacy policies of third-party websites before providing your information to them. The fact that we may link to a third-party website or present a banner ad or other type of advertisement from a third party is not an endorsement, authorization, or representation of any affiliation by us with that third party, nor is it an endorsement of their privacy or information security policies or practices.

6. Cookies and Other Tracking Technologies

Our Services and authorized third parties use cookies and other tracking technologies to collect information about you, your device, and how you interact with our Services. This section contains additional information about:

Types of cookies and tracking technologies we use. We and the third parties that we authorize may use the following tracking technologies:

Purposes for using these technologies. We and authorized third parties use these technologies for purposes including:

Information collected. These tracking technologies collect data about you and your device, such as your IP address, location (both approximate and precise) cookie ID, device ID, Ad ID, operating system, browser used, browser history, search history, and information about how you interact with our Services (such as pages on our Services that you have viewed).

Disclosures of your information. We may disclose information to third parties or allow third parties to directly collect information using these technologies on our Services, such as social media companies, advertising networks, companies that provide analytics including ad tracking and reporting, security providers, and others that help us operate our business and Services.

Your choices. Some of the third parties we work with may participate with the Digital Advertising Alliance (“DAA”) and Network Advertising Initiative (“NAI”). The DAA and NAI provide mechanisms for you to opt out of interest-based advertising performed by participating members at http://www.aboutads.info/choices/ and https://optout.networkadvertising.org/. We adhere to the DAA’s Self-Regulatory Principles for Online Behavioral Advertising. You may also click on the AboutAds icon on a Company advertisement and follow the instructions on how to opt out.

You can also refuse or delete cookies using your browser settings. If you refuse or delete cookies, some of our Services’ functionality may be impaired. Please refer to your browser’s Help instructions to learn more about how to manage cookies and the use of other tracking technologies. If you change computers, devices, or browsers; use multiple computers, devices, or browsers; or delete your cookies, you may need to repeat this process for each computer, device, or browser. Opting out of interest-based advertising will not opt you out of all advertising, but rather only interest-based advertising from us or our agents or representatives.

Do Not Track. Some browsers have incorporated Do Not Track (“DNT”) preferences. At this time, we do not honor Do Not Track signals.

7. Security

We use reasonable administrative, technical, and physical safeguards designed to protect the Personal Information under our control from unauthorized access, use, and disclosure, in accordance with applicable law. Despite these measures, the confidentiality of any communication or material transmitted to or from us via the Services by Internet or email cannot be guaranteed. Your use of the Services and provision of information constitutes your willingness to assume this risk.

The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We encourage you to learn as much as you can about your privacy on the Internet.

8. Purposes and Legal Bases of Processing Information

Our processing of the data we collect from you is justified on one or more of the following legal bases, as provided for in the applicable data law of your jurisdiction:

9. International Data Transfers

Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information.  In general, you are the controller of information submitted by you or your organization and we are the processor of such information and controller of user or visitor information submitted to us.

Depending on the jurisdiction where you reside, we may need to transfer your Personal Information internationally.  In particular, Personal Information collected by us may be transferred to and processed in countries outside the European Economic Area (“EEA”). Those destination countries may not have the same level of protection for Personal Information as in the EEA. Certain third countries have been officially recognized by the European Commission as providing an adequate level of protection. Transfers to third parties located in other third countries outside the EEA take place using an acceptable data transfer mechanism, such as the EU standard contractual clauses for data transfers, Binding Corporate Rules, approved Codes of Conduct and certifications, or in exceptional circumstances on the basis of permissible statutory exceptions.

Please write to support@emindful.com , if you want to receive further information or, where available, a copy of the relevant data transfer mechanism.

10. Children’s Privacy

The Services are intended for general adult audiences. In the event that we collect Personal Information from children under the age of 16 in connection with providing our products or services, we require such Personal Information to be provided from a parent, guardian or other person with legal authority to provide us with such information. We do not share, sell, rent, or transfer children’s Personal Information other than as set forth in this Privacy Policy. If you are aware of any child using the Services, please contact us at support@emindful.com.

11. Your Choices

Location Information

You may stop the collection of this information at any time by changing the settings on your mobile device, but note that some features of our mobile applications may no longer function if you do so.

Native Applications on Mobile Device

Some features of our mobile applications may require access to certain native applications on your mobile device, such as the camera, photo album and the address book applications. If you decide to use these features, we will ask you for your permission prior to accessing the applications and collecting associated information. Note that you can revoke your consent at any time by changing the settings on your device.

Push Notifications

We may send promotional and non-promotional push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device or within our mobile applications.

Opting out of Marketing Emails

You may opt out of marketing or promotional emails by following the unsubscribe instructions in any marketing email we send you. However, do note that you will be automatically opted in to receive marketing and promotional emails upon registration or reregistration with the Site or our services; enrollment or reenrollment with the Site or our services; or the creation or reinstatement of an account. This automatic opt in will occur even if you have previously deregistered from the Site or our services, disenrolled from the Site or our services, deleted your account, requested deletion of your Personal Information, or otherwise performed any action or inaction that resulted in the deletion, deregistration, or disenrollment of your account from the Site or our services. If you wish to opt out of marketing or promotional emails following reregistration, reenrollment, or reinstatement, please follow the unsubscribe instructions in any marketing email we send you.

12. Record Retention.

We will maintain your information, including any Sensitive Personal Information, for only as long as reasonably necessary to fulfill the purpose for which it was collected, and as long as legally necessary, in accordance with applicable law. In some circumstances we may retain your Personal Information for extended periods of time, including, for instance, where we are required to do so in accordance with legal, regulator, tax or accounting requirements.

In specific circumstances we may also retain your Personal Information for extended periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Information or dealings.

We maintain a data retention policy which we apply to records in our care. Where your Personal Information is no longer required, we will undertake reasonable efforts ensure it is either securely deleted or stored in a way which means it will no longer be used by the business.

13. Supplemental US State Privacy Disclosures

If you are a California resident, you may have certain rights regarding Personal Information. Please note that certain information, such as PHI and medical information (as defined under the Confidentiality of Medical Information Act (“CMIA”)), is exempted from the California Consumer Privacy Act. This means that we and certain service providers or other recipients may not be required to honor the rights described in this section. Instead, we comply with our obligations under other laws, such as HIPAA and CMIA.

The Colorado Data Protection Act, Connecticut Data Privacy Act, and Virginia Consumer Data Privacy Act do not currently apply to us.

14. Consumer Rights

The law of your jurisdiction may provide you with certain rights regarding our use of your Personal Information, subject to exclusions from the rights granted under applicable law. Subject to certain exceptions, you may have the following rights regarding your Personal Information collected by us:

Wondr Health will not discriminate against you in any way for exercising your privacy rights. However, if you exercise certain rights, the exercising of such rights may inherently cause you to be unable to use or access certain features of the Services.

Exercising Rights

To exercise any of these rights, contact us at 855-999-7549 or complete the form available at https://www.wondrhealth.com/imgD/NS_CCPA_consumer_request_form.pdf and send it to privacy@wondrhealth.com. In connection with submitting a request, you must provide the following information: name, email, phone number, address and state of residence, and employer or insurance carrier associated with (if applicable) and you must state what type of request you are making.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. However, if we receive data through a third party or a customer of its services, we have no direct relationship with the individual whose Personal Information we process. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to the relevant third party or Wondr Health customer.

Only you, or someone legally authorized to act on such your behalf, may make a request related to his or her Personal Information. Wondr Health will take steps to verify your identify prior to processing your request, and we may ask for additional information from you that helps us with this verification, including a signed declaration that you are who you say you are. We will inform you if we need such information.

In general, Wondr Health has the right to require you to provide written permission granting authority to your representative and for your agent to verify its identity directly with us, and we may deny a request from your representative who does not submit proof of authorization as we request.

Wondr Health cannot respond to a request or provide Personal Information if we cannot verify the identity or authority to make the request.

Making a verifiable consumer request does not require you to create an account with us. We may deliver our written response by mail or electronically, at your option.

If we deny a request, we will provide a response explaining the reasons we cannot comply with a request, if applicable.

Additional Disclosures

In addition to the disclosures above, this section provides supplemental information about how we process Personal Information.

The chart below details the categories of Personal Information Wondr Health collected and disclosed for a business purpose in the preceding 12 months:

Categories of Personal Information We CollectCategories of Third Parties with Whom We Disclose Personal Information for a Business PurposeCategories of Third Parties to Whom Personal Information is Sold or Shared for Targeted Advertising
Identifiers (Section 2.A)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Vendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Records about you (Section 2.B)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Vendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Demographic information (Section 2.C)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Vendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Commercial information (Section 2.D)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Vendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Biometric information (Section 2.E)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Internet or other electronic network activity (Section 2.F)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Vendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Geolocation data (Section 2.G)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Vendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Audio, electronic, visual, or other sensory information (Section 2.H)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Professional or employment-related information (Section 2.I)-Affiliates and subsidiaries
-Service providers
-Professional consultantsVendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Education information (Section 2.J)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Inferences (Section 2.K)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Vendors necessary to complete transactions you request
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared
Sensitive Personal Information (Section 2.L)-Affiliates and subsidiaries
-Service providers
-Professional consultants
-Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes
-In connection with a corporate transaction
-Entities to which you have consented to the disclosure
Not sold or shared

Sale and Sharing of Personal Information

Wondr Health has not, in the preceding 12 months, and does not currently, sell or share Personal Information for money or other valuable consideration or cross-context behavioral advertising.

Use of Sensitive Personal Information

Wondr Health only uses and discloses Sensitive Personal Information for the following purposes: (i) performing services or providing goods reasonably expected by an average consumer; (ii) detecting security incidents; (iii) resisting malicious, deceptive, or illegal actions; (iv) ensuring the physical safety of individuals; (v) for short-term, transient use, including non-personalized advertising; (vi) performing or providing internal business services; (vii) verifying or maintaining the quality or safety of a service or device; or (viii) for purposes that do not infer characteristics about you.

California “Shine the Light” Law

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to support@emindful.com.

Nevada Resident Privacy Rights

Nevada residents may have certain rights to opt-out of sales of their Personal Information under Nevada Revised Statutes Chapter 603A. However, please note that Wondr Health does not currently sell data triggering this Nevada statute’s opt-out requirements. If you have questions with respect to this right, please contact support@emindful.com.

15. Updates to this Privacy Policy

We may amend this Privacy Policy from time to time, in our sole discretion. If we make changes to this Privacy Policy, we will update the “Effective Date” date at the beginning of this Privacy Policy. We encourage you to review this Privacy Policy whenever you use or access the Services or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy. If required by law, we will contact you directly to provide you with an updated Privacy Policy.

16. Contact Us

If you have any questions about this Privacy Policy, the practices of these Services, or your dealings with this Services, you may contact us at https://www.wondrhealth.com/contact.  

17. Accessibility

We are committed to facilitating the accessibility of our Services for all people with disabilities. To access this Privacy Policy or any other portion of the Services in an alternative format, please contact us at support@emindful.com or 855-999-7549.