Privacy Policy
DEGREE WELLNESS TEAM PORTAL PRIVACY POLICY
Last Updated: June 1, 2025
This Privacy Policy (the “Policy”) explains how Degree Wellness Franchise, LLC (“Degree Wellness,” “we,” “our,” or “us”) and its contracted technology provider, Everyday Media, LLC (collectively, the “Service Providers”), collect, store, use, and disclose personal information (“Personal Data”) in connection with the cloud‑hosted Degree Wellness Team Portal (the “Portal”).
The Portal is an internal, web‑based collaboration and operations platform that supports Degree Wellness corporate employees, franchise owners, and franchise employees located in the United States. Access is restricted to authorized Users only.
Except where otherwise indicated, this Policy applies solely to Personal Data processed through the Portal. It does not apply to (i) customer‑facing Degree Wellness websites, (ii) in‑studio point‑of‑sale systems, (iii) third‑party business systems used by franchisees (e.g., Mindbody consumer booking), or (iv) Everyday Media’s independent business activities unrelated to the Portal.
1. SCOPE AND KEY DEFINITIONS
“Account” The Portal workspace provisioned to a Degree Wellness corporate department or franchise entity, managed by one or more designated administrators (“Admins”).
“Customer Data” Content and data (including Personal Data) that Users upload or submit to the Portal in connection with their job duties.
“Service Providers” Everyday Media, LLC and any subcontracted vendors that host or support the Portal on behalf of Degree Wellness.
“User” An individual authorized by Degree Wellness to access the Portal—such as a corporate employee, franchise owner, or franchise employee—using unique login credentials.
2. CATEGORIES OF PERSONAL DATA WE COLLECT
We process three broad categories of Personal Data through the Portal:
2.1 Account Registration Data
• Name and surname
• Business or work email address
• Franchise or corporate role (e.g., Studio Manager, Marketing Associate)
• Phone number (optional)
• Profile photo (optional)
• Single‑Sign‑On (SSO) identifiers, if enabled
2.2 Usage and Technical Data
• IP address and approximate geolocation (city/state)
• Browser type, operating system, and device identifiers
• Date/time stamps of logins, logouts, and feature usage
• Clickstream data, activity logs, and error reports
• Cookies and session tokens (see Section 6)
2.3 Support & Communications Data
• Help‑desk tickets and email messages
• Screenshots or attachments Users choose to submit
• Phone or video recordings with Degree Wellness support personnel (with notice)
Note: The Portal is not intended to store protected health information (PHI), payment‑card data, or other highly sensitive data classes. Users should refrain from entering such data unless expressly authorized in writing by Degree Wellness compliance leadership.
3. HOW WE COLLECT PERSONAL DATA
3.1 Directly From Users
Users provide Personal Data when they:
• Accept an email invitation and create login credentials;
• Update their user profile;
• Upload files, enter text, or post comments in the Portal; or
• Submit support requests or feedback.
3.2 Automatically via the Portal
When Users access the Portal, we automatically log Usage and Technical Data via server logs, analytics scripts, and cookies.
3.3 From Degree Wellness Corporate Systems
For corporate Users, certain profile data (e.g., name, title, location) may sync from Degree Wellness’ human‑resources information system (HRIS) to streamline onboarding.
3.4 From Franchise Owners
Franchise owners may provide employee lists to Degree Wellness franchise operations staff, who upload those details to create user accounts on the Portal.
4. PURPOSES AND LEGAL BASES FOR PROCESSING
We use Personal Data for the following business purposes:
| # | Purpose of Processing | Examples of Activities | Legal Basis*
| 1 | Provide and operate the Portal | Authenticate logins, enable collaboration features, maintain user profiles | Contractual necessity
| 2 | Support and improve the Portal | Diagnose bugs, conduct usage analytics, develop new features | Legitimate interests
| 3 | Communicate with Users | Respond to support tickets, send system alerts or policy updates | Contractual necessity
| 4 | Enforce policies, prevent fraud | Audit logs, investigate suspicious activity | Legitimate interests; legal obligation
| 5 | Comply with U.S. laws | Retain records, satisfy subpoenas, or other lawful requests | Legal obligation
*For Users located in California, these purposes align with “business purposes” under the California Consumer Privacy Act (CCPA). Degree Wellness does not “sell” or “share” Personal Data as defined by the CCPA.
5. DISCLOSURES OF PERSONAL DATA
We disclose Personal Data only as described below:
5.1 Service Providers
Everyday Media, cloud‑hosting partners (e.g., Amazon Web Services), analytics vendors, and IT‑security providers may process Personal Data strictly to operate or secure the Portal. All Service Providers are bound by written agreements limiting their use of Personal Data to these purposes.
5.2 Other Users Within the Same Account
Profile information and content you create in the Portal may be visible to co‑workers in your Account, subject to role‑based permissions configured by the Admin.
5.3 Franchise & Corporate Leadership
Account Admins, franchise owners, or Degree Wellness corporate managers may access usage reports and content within their respective teams for oversight and compliance purposes.
5.4 Legal and Safety Disclosures
We may disclose Personal Data to government authorities or third parties if we believe disclosure is (i) required by law, subpoena, or court order; (ii) necessary to prevent or respond to fraud, security incidents, or other harmful acts; or (iii) needed to protect the rights, property, or safety of Degree Wellness, its franchisees, Users, or the public.
5.5 Corporate Transactions
If Degree Wellness undergoes a merger, acquisition, or sale of assets, Personal Data may be transferred to the acquiring entity, subject to continued protection consistent with this Policy.
6. COOKIES AND SIMILAR TECHNOLOGIES
We use the following types of cookies in the Portal:
| Type | Purpose | Duration | Session cookies | Maintain login state and route traffic to the nearest data center | Expires when you log out or close browser
| Security cookies | Detect authentication anomalies and prevent fraudulent logins | Up to 24 hours
| Analytics cookies | Aggregate usage metrics (page views, feature adoption) | 12 months
Users can control non‑essential cookies via their browser settings; however, disabling certain cookies may impair core Portal functionality. We do not respond to “Do Not Track” signals because essential cookies are required to deliver the Portal.
7. DATA LOCATION, TRANSFERS, AND STORAGE
The Portal is hosted on servers physically located in Amazon Web Services’ US‑East data centers (Northern Virginia and Ohio). Backup and disaster‑recovery replicas are stored within the continental United States.
Everyday Media personnel and authorized subcontractors may access the production environment from secure locations within the United States. Degree Wellness does not intentionally transfer Portal Personal Data outside the United States.
8. DATA RETENTION
We retain Personal Data for the shorter of:
• The duration of the User’s active employment or franchise relationship, plus up to 24 months; or
• As long as needed to comply with applicable U.S. laws, resolve disputes, or enforce agreements.
Upon Account termination, Degree Wellness will delete or anonymize Customer Data in archived backups within 90 days, unless a longer retention period is legally required.
9. YOUR PRIVACY CHOICES & RIGHTS
9.1 Access and Correction
Users may review and update their profile information directly in the Portal or by contacting their Account Admin.
9.2 Deletion
Users may request deletion of their Portal account by submitting a ticket to support@degreewellness.com. Degree Wellness will deactivate the account and delete Personal Data in accordance with Section 8.
9.3 California Privacy Rights
If you are a California resident, you may have the right to request (i) disclosure of categories or specific pieces of Personal Data we have collected about you, (ii) deletion of your Personal Data, and (iii) that we do not sell or share your Personal Data (note: we do not sell). You or an authorized agent can exercise these rights by emailing privacy@degreewellness.com. We will verify your request using information associated with your account.
Degree Wellness will not discriminate against you for exercising any privacy rights under California law.
10. DATA SECURITY AND INCIDENT RESPONSE
Degree Wellness and Everyday Media implement industry‑standard physical, administrative, and technical safeguards to protect Personal Data, including:
• TLS 1.3 encryption in transit
• AES‑256 encryption at rest
• Multi‑factor authentication for privileged access
• Annual penetration tests and vulnerability scans
• Continuous security monitoring and centralized logging
Incident Response. In the event of a confirmed data breach involving Portal Personal Data, Degree Wellness will notify affected Users and franchise owners without undue delay, consistent with applicable U.S. breach‑notification laws.
11. CHILDREN’S PRIVACY
The Portal is intended for adults engaged in Degree Wellness employment or franchise operations. We do not knowingly collect Personal Data from anyone under 16 years of age. If we discover that a minor has provided us with Personal Data, we will delete it promptly.
12. CHANGES TO THIS POLICY
We may update this Policy periodically. Material changes will be announced via an in‑Portal banner or email at least 30 days before they take effect. Continued use of the Portal after the effective date constitutes acceptance of the revised Policy.
13. CONTACT INFORMATION
Questions about this Policy or privacy practices may be directed to:
Degree Wellness Franchise, LLC
Attn: Legal Department
200 Riverside Avenue, Suite 8
Jacksonville, FL 32202
or by email support@degreewellness.com
BY ACCESSING OR USING THE DEGREE WELLNESS TEAM PORTAL, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO ITS TERMS.