Privacy Policy

Last modified: February 10, 2016

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. By using the Service, you consent to our use of your information as described in this policy.

Introduction and Acceptance of Terms

This privacy policy ("Privacy Policy") describes how Halo Neuro, Inc. collects and uses the personal information you provide when using our Service. The term "Service" includes the Halo products and devices (a "Halo Device"), the Halo website currently available at www.haloneuro.com (and any successor site) (the "Halo Site"), the Halo mobile application (the "Halo App") and related content, software, applications, widgets, materials and/or services made available by us. For purposes of this Privacy Policy, the terms "we," "us" and "our" refer to Halo Neuro, Inc. "You" refers to you, as a user of the Service.

This Privacy Policy also describes the choices available to you regarding our use of your Personally Identifiable Information (as defined below), how you can access and update this information, and what of this information we will retain even if you decide to delete the Service or stop using the Service. Our Privacy Policy is not a contract, and it does not create any legal rights or obligations. Your use of the Service indicates that you consent to our collection, storage, use and disclosure of your personal information and other information as described in this Privacy Policy and agree to our Terms of Service. Capitalized terms not defined in this Privacy Policy have the meanings set forth in the Terms of Service.

If you do not consent to the use of your Personally Identifiable Information as described in this Privacy Policy or do not agree to the Terms of Service, do not use the Service.

Information We Collect and How We Collect It

When you use the Service you provide us with three types of information: (i) information you submit via the Service; (ii) information regarding your use of the Service collected by us as you interact with the Service; and (iii) information about your use of third party mobile applications available through your mobile device. The information we gather enables us to personalize, improve, and continue to operate the Service and to provide you with the services and information you request.

We collect several types of information from and about you, including:

• information that, taken alone, identifies you and that can be used to contact you, on-line or offline ("Personally Identifiable Information"), which may include, for example, your name or email address;

• information about you that cannot be used alone to identify you ("Non-Personally Identifiable Information"), which may include, for example, demographic information including zip code, and information about your use of our Service, which may include, for example, information about your internet connection, or your computer or mobile device and software you use to access our Service, including your Internet Protocol ("IP") address or other device identifiers.

We collect and/or request information in two ways.

• Information you give us –

Account Information

You must register for an account in order to access the Service. By registering for the Service, you agree that we will have access to your account information, including your email address, name, language and country and other necessary information to provide you with the Service. This information may be personal to you, and by accessing the Service, you allow us to identify you.

We may use your contact information to send you information about our Service, ask follow-up questions relating to your use of the Service or to invite you to test future versions of the Service. We may also contact you in other circumstances when we believe it is necessary.

• Information we get from your use of the Service –

Halo Device Data

When you access and use the Service, we will collect and store the data you submit to or through the Service, including information on the amount of type of Neuropriming delivered, impedance and other device performance information, and information related to athletic, cognitive, or skill assessment. When you sync your Halo Device through the Halo App, data recorded on your Halo Device about your activity is transferred from your Halo Device to our servers. This data is stored and used to provide the Service and is associated with your account. Each time a sync occurs, we log data about the transmission. Some examples of the log data are the sync time and date, device battery level, and the IP address used when syncing.

IP Address Information and Other Information Collected Automatically

We automatically receive and record certain information when you access and use the Service, which may include your IP address, cookie information, hardware model, operating system version, unique device identifiers and mobile network information. Internet traffic information, such as IP address, is usually assigned in country-based blocks, so it can be used to at least identify the country of your device, and do things such as to provide you with the correct language and locale for search queries. This information is sent as a normal part of Internet traffic. Generally, the Service automatically collects usage information, such as the number and frequency of visitors to the Service. We may use this data in aggregate form—that is, as a statistical measure—but not in a manner that would identify you personally. This type of aggregate data enables us, and third parties authorized by us, to figure out how individuals use the Service so that we can improve it accordingly.

Information Collected Using Cookies and Web Beacons.

"Cookies" are small data files that are sent to your web browser when you access a website, and the files stored on your device's hard drive. We use "session" cookies to keep you logged in while you use our Service, to track your preferences and to track trends and monitor usage and web traffic information on our Service. We may use "persistent" cookies to relate your use of our Service to other information about you and store information about your preferences to make your user experience consistent and customized. Most browsers automatically accept cookies, but you can change your settings on the browser settings to refuse cookies or prompt you before accepting cookies. You can also use your browser settings or other tools to delete cookies you already have. However, if you disable or refuse cookies, then certain features of our Service may be inaccessible or not function properly.

Our cookies do not, by themselves, contain Personally Identifiable Information, and we do not combine the general information collected through cookies with other Personally Identifiable Information to tell us who you are. As noted, however, we do use cookies to identify that your web browser has accessed aspects of the Service and may associate that information with your account if you have one. Certain features of our Service may use local shared objects (or "flash cookies"). Flash cookies are small files similar to browser cookies that collect and store information about your preferences and where you browse and what you look at on our Service. Flash cookies are not managed by the same browser or device settings that are used for browser cookies. You may adjust your Adobe Flash Player settings to prevent flash cookies from being placed on your hard drive.

We may also use "clear GIFs" (aka "web beacons" or "pixel tags") or similar technologies on our Service or in our communications with you to enable us to know whether you have visited a part of our Service or received a message. A clear GIF is typically a one-pixel, transparent image (although it can be a visible image as well), located on a website or in an email or other type of message, which is retrieved from a remote website on the Internet enabling the verification of an individual's viewing or receipt of a website or message. We may also log information using digital images called web beacons on our Service or in our emails. We may use web beacons to manage cookies, count visits, and to learn what marketing works and what does not. We may also use web beacons to tell if you open or act on our emails. We do not track our users across third party websites and thus do not respond to Do Not Track ("DNT") signals.

This Privacy Policy also only covers our use of cookies and does not cover the use of cookies by third parties. We do not control when or how third parties place cookies on your computer. For example, third party websites to which a link points may set cookies on your computer.

Push Notification

When you access our Service, you may also be asked to allow Push Messages to be sent to you outside or inside of the Service. If you do so a device token will be generated, which is associated with you until you log out. We will collect and store these device tokens on our servers.

Our Use of Your Personal Information

We may use information that we collect about you or that you provide to us, including any Personally Identifiable Information to:

• provide to you and communicate with you about the services, content, features or products you use or request;

• customize and optimize the content you receive when you use the Service, and otherwise improve your experience on the Service;

• troubleshoot the Service, to detect and protect against error, fraud or other criminal activity, and to enforce our Terms of Service;

• secure your account and prevent fraud;

• in any other way we may describe when you provide the information; and

• for any other purpose with your consent.

Our Use of Your Non-Personally Identifiable Information

Halo is committed to furthering scientific research in the fields of neuromodulation, sports science, and human performance. Consequently, Halo may share, analyze, publish or sell aggregated, de-identified data that does not identify you, with partners and the public in a variety of ways, such as by publishing scientific papers on topics related to Neuropriming, publishing reports about athletic performance, or providing guidance to consumers or partners regarding best practices. When we provide this information, we perform appropriate procedures so that the data does not identify you and we contractually prohibit recipients of the data from re-identifying it back to you.

IMPORTANT: Even if you delete the Halo App, close your account or stop using the Service, we will retain the data collected from your use of the Halo Device, including data recorded on your Halo Device about your activity. However, Halo will use such information only in a manner such that the data does not identify you.

Sharing Personally Identifiable Information with Third Parties We may share Personally Identifiable Information in response to a valid law enforcement request or legal process, to protect our rights and property or those of third parties, or as otherwise permitted or required by law.

Additionally, we may disclose your Personally Identifiable Information without your consent:

• if we believe there is a serious and imminent threat to the life, health or safety of yourself or another person;

• to investigate or report on activity which we believe on reasonable grounds to be unlawful;

• if disclosure is required or authorized by law (for example, in response to a subpoena or where a regulatory authority has the power to request the provision of certain records or information);

• if disclosure is reasonably necessary to enable an enforcement body to perform its functions, for example the prevention, detection, investigation, prosecution or punishment of criminal offenses, or the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of a court or tribunal; or

• if we deem it necessary in our sole discretion to protect our legal and legitimate business interests.

Business Transfers

As we continue to develop our business, we may sell, transfer or otherwise share your Personally Identifiable Information in connection with a merger, reorganization, bankruptcy or sale of our company. In such transactions, customer information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Policy (unless the customer consents otherwise). Also, in the event that we are acquired or substantially all of our assets are acquired, customer information will likely be one of the transferred assets. You acknowledge and consent that such transfers are permitted by this Privacy Policy, and that any acquirer of ours or that acquirer's assets may continue to receive, store, and process your information as set forth in this Privacy Policy. You also consent to us providing access to your information as part of diligence or review processes conducted by potential acquirers, entities providing financing to them or us and their advisors.

Protecting Your Information

We have implemented policies and procedures, including technical measures, that are designed to help safeguard your information from unauthorized access, use or modification. However, we do not assure you that our systems are completely secure and advise you that we believe a persistent attacker with sufficient resources would be able to defeat the security measures we have in place.

Information You Can Access; Ability to Opt-Out

Examples of information you can access easily in the Service include up-to-date information regarding recent account activity; as well as Personally Identifiable Information (including name, mobile telephone number and e-mail). You may access and update such information by using the Service.

You have control over any settings related to the Push Messages, and can opt in or out of any Push Messages.

Children's Information

The Service is not directed to children and is not intended for any persons under 18 years of age. Moreover, we do not knowingly collect Personally Identifiable Information from subjects under 13 years of age. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, please contact us at support@haloneuro.com. If we become aware that a member is under the age of 13 and has provided us with Personally Identifiable Information without verifiable parental consent, we will delete such information from our file.

California Residents.

California residents may choose to request certain information regarding our disclosure of Personally Identifiable Information to third parties for their direct marketing purposes or choose to opt out of such disclosure. To make a request or to opt out at any time, please contact us at support@haloneuro.com or the other contact information provided below. Our policy is not to disclose Personally Identifiable Information collected online to a third party for directing marketing without your approval.

Changes to Privacy Policy

This Privacy Policy is effective as of the date stated at the top of this Privacy Policy. It may be necessary from time to time for us to modify this Privacy Policy to reflect changes in the way we collect and use information or changes in privacy-related laws, regulations, and industry standards. Accordingly, we reserve the right to change this policy at any time by posting the revised policy on the Service and updating the "last modified" date at the top of this page. If the changes are material, we will include "recently updated" next to the link to this policy on the Service. We encourage you to refer to this Privacy Policy on an ongoing basis so that you understand our current privacy policy. If revisions to the Privacy Policy are unacceptable to you, you must cease using the Service (including the Halo Device).

Contact Us

If you have any questions or suggestions regarding our Privacy Policy, please contact us at support@haloneuro.com or Halo Neuroscience, 735 Market, 4th Floor, San Francisco CA 94103.