Vital Circle

Privacy Policy

Vital Circle LLC (“us”, “we”, or “our”) provides web-based testing and vaccination verification, mail-to-home testing supplies, physical testing and onsite support, wellness surveys and contact tracing through proprietary processes and technologies to organizations. Vital Circle is committed to privacy and will only use information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual (“Personal Information”) in accordance with the terms of this Privacy Policy (“Policy”).  Further, Vital Circle intends to remain compliant with the California Consumer Privacy Act (“CCPA”), as modified by the California Privacy Rights Act (“CPRA”) and the European Union General Data Protection Regulation (“GDPR”), as well as any other applicable data privacy laws, and the terms of this Policy are to be interpreted in this manner.

This Policy describes how we collect, use, protect and disclose Personal Information we obtain via the websites we own or control (today or in the future), including, but not limited to,, and (collectively, the “Sites”), your use of any web-based applications we own or control (today or in the future), including the Vital Circle application (collectively, the “Applications” or “Apps”), and your use of any services we provide through the Sites or the Apps (collectively, together with the Sites and the Apps, the “Services”). You can access the Sites in many ways, including from a computer, tablet, mobile phone or internet enabled device, and this Policy will apply regardless of the means of access. This Policy also governs the use of Personal Information we obtain from you and any third-party site or application where we post content or invite your feedback or participation. Vital Circle cannot control the privacy policies or practices of sites or of companies that we do not own or control and cannot control the actions of people we do not employ or manage.

Please read this Policy carefully. This Policy is a legally binding contract between us and anyone who accesses or uses any of the Services (“you”). This Policy is incorporated into our Terms of Use for the Services. In the event of a conflict between this Policy and our Terms of Use, the Terms of Use will control.

If you do not want us to collect, use or share your Personal Information in the ways described in this Policy, please do not use the Services. By using the Services, you consent to the collection and use of your information (including Personal Information) by us as identified in this Policy.

Contact Us

If you have any questions about this Policy or wish to exercise your rights under this Policy or any applicable law, please email us at or mail us a letter at PO Box 57 Mount Mourne, NC 28123.

  1. Personal Information We Collect 

The information we learn from and about our customers helps us to personalize and continually improve your experience with us. This section describes what Personal Information we collect and the different ways we collect it. Please note that Personal Information does not include information that is publicly available information from government records or de-identified or aggregated consumer information.

Information We Collect from You

To use some of our Services, we ask you to provide certain Personal Information and, in some cases, require you to register for an account. While using the Services, we collect certain Personal Information including, but not limited to, your name, your email address, gender, date of birth, as well as health and symptom information, vaccination status, COVID-19 testing results documentation and proof of vaccination documentation. In addition, if contact-tracing is part of the client agreement, we will collect the device-to-device interactions through Bluetooth but will not record GPS coordinates or specific location information. Where applicable, we indicate whether you must provide us with your Personal Information in order to use the Services. If you do not provide the Personal Information, you may not be able to benefit from the Services if that information is necessary to provide you with the applicable Services or if we are legally required to collect it.

When you register for an account, we may access and collect the Personal Information you provide, such as your name, contact information (including your mailing and billing address), e-mail address, date of birth, phone number, username and password. We may also ask for additional Personal Information including your mobile phone number and your credit or debit card number or other financial account number. We will also collect and maintain information about all transactions associated with your account.

When you use some of our other Services, you may choose to provide certain information directly to us to request more information about our Services or for other reasons. We will collect, use, share and store this Personal Information consistent with this Policy.

Personal Information Automatically Collected

When you use our Services, our servers automatically record information that your browser or device sends whenever you visit a website or utilize an application. This information may include your IP address, the type of device you are using, the internet service provider or mobile carrier you are using, your device identifiers, your mobile telephone number, your geographic location and your activities within the Services, including the links you click, the pages or screens you view, your session time, the number of times you click a page/screen or use a feature of the Services, the date and time you click on a page or use a feature and the amount of time you spend on a page or using a feature.

Like many websites, our Sites also use “cookie” technology to collect additional website usage data and improve the Sites and our Services. A cookie is a small data file that we transfer to your computer’s hard disk. A session cookie enables certain features of the Sites and is deleted from your computer when you disconnect from or leave the Sites. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Sites. We may use both session and persistent cookies to better understand how you interact with our Sites, to monitor aggregate usage by our users and web traffic routing on our Sites, and to improve our Services. You may also be able to configure your computer or mobile device to limit the collection of these “cookies,” but that limitation may also limit our ability to provide all the Services or functionalities of the Sites or Apps. For more information about cookies, including how to set your internet browser to reject cookies, please go to

We may also automatically record certain information from your device by using various types of technology, including “clear gifs” or “web beacons.” This automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or after you visit our Sites, the pages or other content you view or otherwise interact with on our Sites and the dates and times that you visit, access or use our Sites. We may also use these technologies to collection information regarding your interaction with email messages, such as whether you opened, clicked on or forwarded a message, to the extent permitted under applicable law.

Our Services use Google Analytics (and in the future may use other similar services), a web analytics service provided by Google, Inc. (“Google”), to better assist us in understanding how the Sites are used. Google Analytics will place cookies on your computer that will generate information that we select about your use of the Sites and the Applications, including your computer’s IP address. That information will be transmitted to and stored by Google. The information will be used for the purpose of evaluating customer use of the Sites and Applications, compiling reports on Site and Application activity for our use, and providing other services relating to Site and Application activity and usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. You may refuse the use of these cookies by selecting the appropriate settings on your browser or mobile device. Please note that by doing so, you may not be able to use the full functionality of the Services. The use of cookies by Google Analytics is covered by Google’s privacy policy. From time to time, we may enter into agreements with other third-party providers for web analytic and other similar services. If we enter into such an agreement, we may share your information, including your Personal Information, with the provider or such provider may have access to and collect your information on our behalf. Your information, including Personal Information, may be stored with the provider.

Please note that we have not yet developed a response to browser “Do Not Track” signals, and do not change any of our data collection practices when we receive such signals. We will continue to evaluate potential responses to “Do Not Track” signals considering industry developments or legal changes.

Information Collected by Third Parties

We may collect your Personal Information from third-party business partners such as social media sites, ad networks and analytics providers.  We may also collect your Personal Information from others that refer you to our Services including our clients who facilitate our ability to provide Services.

Our Services may contain links to other websites. The fact that we link to a website is not an endorsement, authorization, or representation of our affiliation with that third party. We do not exercise control over third-party websites. These other websites may place their own cookies or other files on your computer or mobile device, collect data or solicit Personal Information from you. Other sites follow different rules regarding the use or disclosure of the Personal Information you submit to them. We are not responsible for the content, privacy and security practices, and policies of third-party sites or services to which links or access are provided through our Services. We encourage you to read the privacy policies or statements of the other websites you visit.

  1. How We Use the Information We Collect

We may use your Personal Information for various purposes, including, but not limited to, the following:

Non-Marketing Purposes

We may use the Personal Information and other information we collect for non-marketing purposes including: (1) validating your identity; (2) sending you push notifications, text messages, or emails to provide you with alerts and updates about your account and the Services; (3) processing your transactions; (4) conducting statistical or demographic analysis; (5) complying with legal and regulatory requirements; (6) customizing your experience with the Services; (7) protecting and defending Vital Circle and its affiliates against legal actions or claims; (8) preventing fraud; (9) debt collection; (10) satisfying contractual obligations; (11) cooperating with law enforcement or other government agencies for purposes of investigations, national security, public safety or matters of public importance when we believe that disclosure of Personal Information is necessary or appropriate to protect the public interest; and (12) for other business purposes permitted under applicable law (collectively, “Non-Marketing Purposes”).

Other Purposes

Vital Circle also uses the collected data for the following public health objectives:

  • Helping your employer or administrator understand when symptoms of COVID-19 are developing at work, at your school, or in your community group;
  • Gaining a better understanding the symptoms of COVID-19;
  • Tracking the spread of COVID-19 across geographies and within employers, schools, and households;
  • Maintaining User status related to Covid-19 vaccination status and/or test results to verify participation eligibility at events hosted by our clients.

We may also use information in the aggregate to understand how our users as a group use the Services. Vital Circle will not collect additional categories of Personal Information or use the Personal Information we collect for materially different, unrelated, or incompatible purposes without providing you notice.

We will process your Personal Information for the purposes listed above on the basis of one or more of the following:

  • the processing is necessary for the performance of a contract or for entering into a contract with you. Please note that where this is the case, we may not be able to perform or enter into a contract with you unless you provide your personal data;
  • the processing is necessary to comply with a legal obligation;
  • you have given your consent (where we rely on this legal basis, we will always seek to obtain your consent separately as and when necessary).
  • we have a legitimate interest in the processing activity that you would normally expect from an organization.

III. Who We Share Personal Information With

Except as provided herein, we will not trade, rent, share, or sell your Personal Information to third parties. For business purposes, we may share certain Personal Information we receive from and about you, and about your transactions with us, with our affiliates and certain third parties. Doing so allows us to provide the Services you request. We may also share your Personal Information with the following third parties: 

Third-Party Service Providers

Your Personal Information may be shared with or collected by third-party service providers who provide us with services, including, but not limited to data hosting or processing and credit card processing. We require these third-party service providers to exercise reasonable care to protect your Personal Information and restrict their use of your Personal Information to the purposes for which it was provided to them.   We do not share your Personal Information with any third-party providers for the purpose of Marketing to you.

Anonymous Information

We may provide anonymized information to third parties, including governmental agencies for purposes of contact tracing and/or any governmental agency that requires COVID-19 outbreak/cluster data to be reported. Any anonymized information we provide to third parties is not considered Personal Information and is not subject to the terms of this Policy.

Sale of our Business; Bankruptcy

In the event of a merger, acquisition, bankruptcy or other sale of all or a portion of our assets, we may transfer or allow third parties to use information owned or controlled by us, which may include your Personal Information. We reserve the right, in connection with these types of transactions, to transfer or assign your Personal Information and other information we have collected from our customers to third parties or to authorize third parties to use any such information retained by us. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred Personal Information will be subject to this Policy. However, any information you submit or that is collected after this type of transfer may be subject to a new privacy policy adopted by the successor entity.

Compliance with Laws and Law Enforcement

Vital Circle cooperates with government and law enforcement officials or private parties to enforce and comply with the law. To the extent permitted under applicable law, we may disclose any information about you, including, but not limited to, your Personal Information, to government or law enforcement officials or private parties as we believe is necessary or appropriate to investigate, respond to, and defend against legal claims, for legal process (including subpoenas), to protect the property and rights of Vital Circle or a third party, to protect Vital Circle against liability, for the safety of the public or any person, to prevent or stop any illegal, unethical, fraudulent, abusive, or legally actionable activity, to protect the security or integrity of the Services and any equipment used to make the Services available, or to comply with applicable law.

  1. Collection/Processing of Payment Card Information

If you use our Services to arrange a shipment or otherwise engage in any transaction involving payment, you may be asked to provide payment information, including, but not limited to, payment card information. We will not ask you, and you are not permitted, to provide any payment card information via email, text, or other electronic means (excluding through the dedicated forms on the Sites and Apps). Any payment card information you properly provide to us is used exclusively to process payments for Services and related products you receive from us. Under no circumstances do we collect or keep payment card information on our servers.

  1. Security

Vital Circle is committed to protecting the security of the Personal Information you provide to us and that we collect about you. We maintain commercially reasonable safeguards to maintain the security and privacy of Personal Information we collect. Nevertheless, when disclosing Personal Information, you should remain mindful that there is an inherent risk in the use of email and the internet. Your information may be intercepted without your consent, collected illegally and used by others. We cannot guarantee the security of any information you disclose online, and you do so at your own risk.

  1. Underage Persons

The Services are for use by persons who are at least 18 years of age. If you are younger than 18, you may not access, attempt to access, or use the Services unless you obtain parental consent. We do not knowingly collect or allow the collection of Personal Information via the Services from persons underage, pursuant to applicable law and regulations, without parental consent. We do not knowingly collect or allow the collection of Personal Information via the Services from persons under the age of 13 without parental consent. If we learn that we have collected the Personal Information of someone under the age of 13 without parental consent, we will take appropriate steps to delete this information. If you are a parent or guardian of someone under the age of 13 and discover that your child has submitted Personal Information without your consent, you may contact us at and ask us to remove your child’s Personal Information from our systems.

VII. California Residents

California requires operators of websites or similar services to make certain disclosures to users who reside in California regarding their rights, specifically:


Shine the Light


For clarity, we will not trade, rent, share or sell your Personal Information to third parties unless you ask or authorize us to do so. However, if we disclose Personal Information that is primarily used for personal, family, or household purposes of a California user to a third party for said third party’s direct marketing purposes, we will identify such third party along with the type of personal data disclosed, upon your request.


For further clarification, please refer to the “Contact Us” section below. Under California law, businesses are only required to respond to a user’s request once during any calendar year.




Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing on the Internet. California law requires that we disclose to users how we treat do-not-track requests. The Internet industry has not yet agreed on a definition of what “Do Not Track” means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. We have not yet developed features that would recognize or respond to browser initiated Do Not Track signals in response to California law. In the meantime, there are technical means to prevent some of the tracking. See Section “Your Access to and Control Over Your Information”.


Personal Data Rights


California consumers have the right to request access to their personal data, additional details about our information practices and deletion of their personal information (subject to certain exceptions).  California consumers also have the right to opt out of sales of Personal Information, if applicable.   We describe how California consumers can exercise their rights under the CCPA below.  Please note that you may designate an authorized agent to exercise these rights on your behalf by providing written materials demonstrating that you have granted the authorized agent power of attorney.  Please note that if an authorized agent submits a request on your behalf, we may need to contact you to verify your identity and protect the security of your personal information.  We will not fulfill your CCPA request unless you have provided sufficient information for us to reasonably verify you are the consumer about whom we collected personal information.  We will not discriminate against you if you choose to exercise your rights under the CCPA and we will not deny you goods or services, charge you a different price, or provide you with a lesser quality of goods or services if you exercise any of your CCPA Rights.


  • RIGHTS TO KNOW – You may request, no more than twice in a 12-month period, access to the specific pieces of personal data we have collected about you in the last 12 months. You may also request additional details about our information practices, including the categories of personal information we have collected about you, the sources of such collection, the categories of personal information we share for a legitimate business or commercial purposes, and the categories of third parties with whom we share your personal information. You may make these requests by contacting using the contact information provided below in the “Contact Us” Section.   After submitting your request, please monitor your email for a verification email.  We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.
  • CHANGES TO PERSONAL INFORMATION – If you believe the personal information we maintain about you is inaccurate, you may change this information by referencing the features available in the Sites and Apps. You may also request that we edit the information by contacting us as indicated in the Contact Us section of this Privacy Policy. Please note that changes to your personal information may require us to reevaluate your eligibility for participation in the Services.


  • COPIES OF PERSONAL INFORMATION – You may request, no more than twice in a 12-month period, transportable copies of your personal information that we have collected about you in the last 12 months. You may make these requests by contacting using the contact information provided below in the “Contact Information” Section.   After submitting your request, please monitor your email for a verification email.  We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.


  • DELETION -You may request that we delete the personal information we have collected about you. Please note that we may retain certain information as required or permitted by applicable law.  You may make these requests by contacting us using the contact information provided below in the “Contact Information” Section.  After submitting your request, please monitor your email for a verification email.  We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.


VIII. European Economic Area (“EEA”) Residents


As used herein, “Personal Information” is deemed equivalent to “personal data” as used in the EU General Data Protection Regulation (“GDPR”).


GDPR grants individuals who are in the European Union and European Economic Area certain rights, including:

  • the right to access your Personal Information
  • the right to rectify your Personal Information
  • the right to request erasure of your Personal Information, under certain conditions
  • the right to restrict processing of your Personal Information, under certain conditions
  • the right to object to processing of your Personal Information, under certain conditions
  • the right to data portability
  • the right to withdraw consent at any time
  • the right to lodge a complaint with a supervisory authority.


If you would like to exercise any of the above GDPR rights with respect to your Personal Information, please submit a written request using the information provided in the “Contact Us” section above. Our privacy team will examine your request and respond to you as quickly as possible.


Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.


  1. Storage of Data/International Data Transfers


We use commercially reasonable efforts to securely store your Personal Information and we store your information no longer than necessary for the purposes we collect your Personal Information.


Personal Information you submit through the Services may be sent to the other countries on our service providers’ servers. We will always protect your information in accordance with this Privacy Policy wherever it is processed.


We are a US based company and by accessing the Services, you grant us expressed consent to transfer your Personal Information to US servers. If you do not wish for us to transfer your Personal Information to the US, you must immediately cease any use of the Site or Services and please contact us using the information in the “Contact Us” section above.


This Policy sets out the privacy principles we follow with respect to transfers of Personal Information from the EEA to the United States, including Personal Information we receive from individuals residing in the EEA who visit our Site and/or who may use of our Services or otherwise interact with us.

  1. Changes to this Policy

We may revise this Policy from time to time in our sole discretion. We will notify you of any material revisions by placing notice of the revised Policy on our website or any place through which you access the Services. Your continued access or use of the Services following any amendments to the Policy constitutes your acceptance of the Policy as amended. It is your sole responsibility to monitor our website for changes to the Policy.

This Policy was last updated in August 2022.