Privacy Policy
Last Updated: June 30, 2026
1. SCOPE AND DEFINITIONS
2. HOW WE COLLECT PERSONAL INFORMATION
3. WHAT PERSONAL INFORMATION WE COLLECT
4. USE OF PERSONAL INFORMATION
5. DISCLOSURES OF PERSONAL INFORMATION
6. SECURITY OF PERSONAL INFORMATION
7. AUTOMATED DECISION MAKING
8. ARTIFICIAL INTELLIGENCE
9. DATA RETENTION
10. INTERNATIONAL DATA TRANSFERS
11. THIRD PARTY WEBSITES AND APPLICATIONS
12. CHILDREN
13. YOUR PRIVACY CHOICES AND RIGHTS
14. CHANGES TO THIS PRIVACY POLICY
15. CONTACT INFORMATION
16. SUPPLEMENTAL NOTICE FOR CALIFORNIA RESIDENTS
17. SUPPLEMENTAL NOTICE FOR EEA, SWITZERLAND AND UNITED KINGDOM
18. SUPPLEMENTAL NOTICE FOR AUSTRALIA
19. SUPPLEMENTAL NOTICE FOR CANADA
20. SUPPLEMENTAL NOTICE FOR INDIA
21. SUPPLEMENTAL NOTICE FOR ISRAEL
22. SUPPLEMENTAL NOTICE FOR MALAYSIA
23. SUPPLEMENTAL NOTICE FOR MEXICO
24. SUPPLEMENTAL NOTICE FOR SINGAPORE
25. SUPPLEMENTAL NOTICE FOR SOUTH AFRICA
26. SUPPLEMENTAL NOTICE FOR UNITED ARAB EMIRATES
27. LYRA ENTITIES AND AFFILIATES
We are Lyra, a group of companies focused on connecting people with effective and convenient care for their mental and emotional well-being. We combine research-backed and evidence-based therapeutic methods, experienced providers, such as coaches and therapists, and technology, to offer personalized care.
1. SCOPE AND DEFINITIONS
General Scope
This Privacy Policy (“Policy”) describes how Lyra collects, uses and discloses personal information collected via our Websites, our mobile applications, our Services, including sessions with Lyra Providers, our events, and any other online or offline offering of ours that posts this Policy. If you do not agree with our privacy practices, please do not provide us with personal information, use our Services, or access our Websites.
Workforce Privacy Notice
To understand how Lyra collects, uses and discloses personal information about employment applicants, prospective employees, employees, previous employees, agency staff, directors, interns, contractors, contingent, and other personnel, including Providers (collectively, “Workforce”), please review the Lyra Workforce Privacy Notice.
Jurisdiction Specific Disclosures
This Privacy Policy applies to all individuals whose personal information Lyra processes, subject to additional notice content provided as set out below.
If you are in the United States and receive clinical services via our Services: See our HIPAA Notice of Privacy Practices for how Lyra and our Providers specifically use and disclose Protected Health Information (“PHI”).
If you reside in California, please see our Supplemental Notice for California Residents at Section 16 of this Policy (Supplemental Notice for California).
If you are located or reside outside of the United States, please see Sections 17 to 26 of this Policy for supplemental notices for specific jurisdictions which set out additional information related to rights you may have under the applicable privacy laws of your jurisdiction and disclosures required by the privacy laws of particular jurisdictions.
In case of a local conflict between Sections 1 to 16 and Sections 17 to 26, the content in Sections 17 to 26 takes precedence.
If you reside in a jurisdiction not specifically covered in Sections 16 to 26, we process your personal information in accordance with the remainder of this Policy, and applicable privacy laws.
Additional Policies from Providers and Partners
Where you receive Services directly from our Providers or Partners, they may have additional privacy policies or informed consent documents that describe their personal information handling practices; see those documents for more information on how the Provider or Partner may collect and process your personal information during care.
Additional Requirements from Lyra Benefit Sponsors
As part of setting up Lyra Services at their organization, some Lyra Benefit Sponsors may require or choose to add additional or different limitations or restrictions on personal information handling practices related to their Lyra offerings (i.e. Lyra Benefit Sponsors may add additional privacy restrictions or limitations above and beyond what is described in this Policy). Any such additional restrictions or limitations on personal information handling practices that have been agreed to between Lyra and Lyra Benefit Sponsors will be reflected in written agreements between them, and such terms will control how we deal with personal information under those arrangements. If you would like to understand the specific privacy arrangements tailored to your organization, please contact your Lyra Benefit Sponsor’s benefits or human resources department.
Are you providing us with personal information about someone else?
If you provide us with personal information about someone else, you are responsible for ensuring that you are permitted to share that personal data and comply with any applicable legal obligation. This may include explaining to that person why you are collecting and sharing their information and obtaining their consent if relevant under applicable data privacy laws. We also recommend that you direct them to read this Policy.
Definitions
| “Data Controller” | This is the entity that decides how and why your personal information is processed. Depending on where you are located and which Service you are using, the data controller (or “data fiduciary” or “responsible party” as it is known in some jurisdictions) will be a different affiliated entity of Lyra.
Please consult Section 27 of this Policy (Lyra Affiliated Entities and Regional Enquiries) to find out the relevant Data Controller of your personal information. |
| “Lyra” | Within the United States
In the United States, Lyra Health, Inc. works closely with a number of affiliates to deliver and facilitate coaching and clinical services, including: Lyra Behavioral Health, Inc., Lyra Health 2, Lyra Health Holdings, LLC, Lyra Clinical Associates P.C., a California professional corporation, Lyra Clinical of MA, P.C., Lyra Clinical of Kansas, P.A., and Lyra Clinical of New Jersey, P.C., Bend Health, Inc., Bend Health Psychiatric Services South, P.C., Bend Health Psychiatric Services South Central, P.A., Bend Health Psychiatric Services Atlantic, P.C., Bend Health Psychiatric Services Midwest, P.C., Bend Health Psychiatric Services Kansas, P.A., Psychiatric Telehealth Services, P.C., and Roots Psychiatric Services, P.C. Outside of the United States In this context, “Lyra” refers to:
Depending on the Lyra Service you are using, and your Lyra Benefit Sponsor location, you may receive Services from different Lyra entities. Please consult Section 27 of this Policy (Lyra Affiliated Entities and Regional Enquiries) to understand which Lyra entity is processing your personal information to deliver your Service. |
| “Lyra Benefit Sponsor” | Within this Policy, this means employers and other entities who sponsor employee and member access to our Services.
This is the entity that provides you with access to our Services as a benefit. This is typically your employer or a parent company within your employer’s corporate group that has entered into a service agreement with us. Identifying your Lyra Benefit Sponsor helps you understand the specific services available to you. If you are unsure who your Lyra Benefit Sponsor is, please consult your employer’s benefits or human resources team. |
| “Lyra Platform” | The ‘Lyra Platform’ is the solution developed by Lyra Health Inc. through which you can access Lyra Services (as defined below) if your Lyra Benefit Sponsor is located in the United States, regardless of where you are located in the world. |
| “Lyra Wellbeing Solutions” | The Lyra Wellbeing Solutions are the solutions offered by Lyra Health International Ltd and its affiliated entities, via which you can access Lyra Services (as defined below) if your Lyra Benefit Sponsor is located outside the United States.
The Lyra Wellbeing Solutions include the Lyra Wellbeing Hub App, a platform through which you can access media content relating to healthcare, wellbeing, lifestyle, financial and workplace topics, and Lyra Health International employee assistance program (EAP) Services. Note that, in certain circumstances, when you use Lyra Wellbeing Solutions you may elect to use our Services anonymously. |
| “Partners” | In certain geographic regions, we collaborate with independent third-party organizations (our “Partners”) to facilitate the delivery of care. These Partners act as independent Data Controllers, meaning they are separately responsible for the processing and security of your personal information. We share only the minimum necessary personal information required by Partners for them to provide the Services. |
| “Provider(s)” | Experienced clinical and non-clinical providers, such as therapists and coaches. |
| “Service(s)” | The Services comprise the provision and facilitation of a range of mental health and well-being offerings, including coaching, clinical services, counselling, and employee assistance program (EAP) services, along with supporting technology services and targeted training services. Lyra delivers these Services utilizing proprietary technology platforms such as the Lyra Platform and the Lyra Wellbeing Hub App (described above), and a global network of Providers and Partners. |
| “Websites” | The Websites comprise lyrahealth.com, lyrahealthinternational.com, any affiliated “micro-sites” set up for our customers (e.g. www.benefitsponsor.lyrahealth.com), our provider portal (also known as “Lyra Engage”) (provider.lyrahealth.com) and any other website owned or controlled by Lyra. Please note that, for the purpose of this Policy, our Websites form part of the Services. |
| “Lyra Member” | A person who is entitled to use Lyra Services as a benefit – either as a primary eligible individual or an eligible dependent or household member – and has started using the benefit by registering as a member. |
| “Prospective Customer” | Any individual acting in a professional capacity on behalf of a potential Lyra Benefit Sponsor or Partner (e.g. HR professionals or benefit managers) who interacts with our sales or marketing teams, attends our webinars, or requests information about Lyra’s services. |
| “Service User” | A person who is entitled to use Lyra Services as a benefit, but has not yet registered with Lyra. |
| “Website User” | Any individual who accesses or interacts with our Websites but is not registered with Lyra. |
2. HOW WE COLLECT PERSONAL INFORMATION
The categories of personal information we collect depend on our relationship with you and the requirements of applicable law. We collect information that:
- you provide to us;
- that we obtain when you use our Services and Websites;
- from other sources such as your Lyra Benefit Sponsor or Provider; and
- third party services and organizations, as described below.
This information may be held in a number of formats, including electronic records, and in various types of storage facilities.
3. WHAT PERSONAL INFORMATION WE COLLECT
ALL INDIVIDUALS (INCLUDING WEBSITE USERS, PROSPECTIVE CUSTOMERS, SERVICE USERS, MEMBERS)
Communicating with Lyra
If you communicate with us by email, phone, text message, online chat, or within any app or platform we operate, e.g. the Lyra Platform, Lyra Wellbeing Hub App, we will collect personal information from you, such as your name, contact information, and information you provide within your communication to us. If you are a Lyra Member, you have the option of using our secure electronic communication portal as described in Section 6 (Security of Information). Note that calls to Lyra’s care team may be recorded for training and monitoring purposes.
Information collected from interactive features
We may collect personal information that you submit or make available through our interactive features (e.g. messaging and chat features, commenting functionalities, forums, blogs, and social media pages). Any personal information you elect to make publicly available on our Services and Websites, such as posting comments on our blog page, will be available to others. Any information you provide on the public sections of these features will be considered “public” and not subject to the privacy protections referenced in this Policy, unless otherwise required by applicable law.
Information automatically collected
We automatically log information about you and your computer, phone, tablet, or other devices, including when you interact with our authenticated pages. Through use of secure, server-side tracking technologies, we automatically capture certain user events (such as page clicks) to understand how you navigate our Services. In particular, when visiting the Services, we log your computer or device identification, operating system type, browser type, browser language, the website you visited before visiting our Websites, as well as pages you viewed, how long you spent on a page, access times, and information about your use of and actions on the Services. How much of this information we collect depends on the type and settings of the device you use to access the Services, and any applicable legal limitations.
Cookies
We, as well as third parties that provide content, advertising, or other functionality on the Services, may use cookies, pixel tags, web server logs, web beacons, and other technologies (“Technologies”) to automatically collect information through your use of our Services. This information is collected to make the Services more useful to you and to tailor the experience with us to meet your special interests and needs. On our public website (lyrahealth.com), we may use these Technologies to deliver relevant content and ads. Within our authenticated, client-facing platforms, we strictly prohibit direct third-party tracking. Instead, to understand user engagement and measure the effectiveness of our outreach, we utilize a secure, HIPAA-compliant data routing platform. This technology acts as a protective intermediary to ensure that any data (such as page clicks or ad attribution) undergoes a strict de-identification process. No Protected Health Information (PHI) or identifiable profile data is ever shared with third-party advertising or analytics platforms. You may manage your preferences for these specific analytics technologies through the consent banner provided upon logging in.
Our uses of these Technologies fall into the following general categories:
- Operationally Necessary. This includes Technologies that allow you access to the Services, applications, and tools that are necessary to identify irregular website behavior, prevent fraudulent activity, and improve security, or that allow you to make use of our functionality.
- Performance-Related. We may use Technologies to assess the performance of the Services, including as part of our analytics practices to help us understand how individuals use the Services (see Analytics below).
- Functionality-Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using the Services. This may include identifying you when you sign into the Services or keeping track of your specified preferences, interests, or past items viewed.
- Advertising or Targeting-Related. We may use first-party or third-party Technologies to deliver content, including ads relevant to your interests, on lyrahealth.com or on third-party websites.
Analytics. We may use Technologies and other third-party tools to process analytics information on the Services. Some of our analytics partners include:
-
- Google Analytics. For more information, please visit Google Analytics’ Privacy Policy. To learn more about how to opt-out of Google Analytics’ use of your information, please click here.
- Mixpanel. For more information about Mixpanel, please visit Mixpanel’s Privacy Policy
- Heap. For more information about Heap, please visit Heap’s Privacy Policy.
- PathFactory. For more information about PathFactory, please visit PathFactory’s Privacy Policy.
Social media platforms
The Services may contain buttons to social media platforms such as X (previously Twitter), Facebook, and LinkedIn that might include widgets such as the “share this” button or other interactive mini programs. If you choose to use these features or widgets, they may collect your IP address and which page you are visiting on the Services, and may set a cookie to enable the feature to function properly. Your interactions with these platforms are governed by the privacy policy of the company providing the widget.
ALL SERVICE USERS AND LYRA MEMBERS
Information received from your Lyra Benefit Sponsor
We may receive personal information from your Lyra Benefit Sponsor to:
- Confirm your eligibility or the eligibility of your dependents or household member(s) (using your name, employee ID and date of birth).
- Inform you of the availability and scope of Lyra benefits (using your email or postal address).
- Collect necessary information to cover high alert situations when emergency care may need to be sent to the Lyra Member address (i.e. personal address and phone number).
- Measure the effectiveness of the Lyra benefit and do utilization reporting based on demographic information such as your gender, marital status, education level, employee title and department, health plan and insurance provider, information on the nature of the relationship with your dependents.
- Support communications with you, your Provider, or other individuals to support your care, as permitted by law.
In specific circumstances, and where appropriate consents have been obtained, the Lyra Benefit Sponsor may share information about the Lyra Member’s race or ethnic group.
Information collected from others
We may get information about you from other sources, such as:
- your Lyra Benefit Sponsor (as described above); and/or
- Providers, or other third parties who may be involved with your care.
For example, Lyra may collect demographic information, such as your name and telephone number or email address, from someone who refers you to Lyra for Services.
We may combine the personal information that we collect with data obtained from third parties, or through our products and Services. Additionally, you may also be able to access your Lyra account by signing on through various third party services, such as Google. Signing on through such third party services is voluntary. If you choose to sign on through a third party service, Lyra may collect certain information from your account including your public profile, user name, email address, birthday, stated location, city, contact lists, and other interactions on that platform (such as interests and likes). The information we may have access to will vary by platform and is controlled by your privacy settings and account settings on that platform. Your use of services on third party platforms is governed by the privacy statement and other terms of use for that third party platform, until such information is disclosed to us, and then such information is also subject to this Policy.
Voice and video information
If you consent, we may collect your voice and video images for ongoing quality improvement and quality assurance of our Services, and other purposes described at the time of consent. Any consent form you are provided with before agreeing to provide voice and video to us will provide additional information on how voice and video data is collected, used, and retained. Consent to the recording of your voice and video image is not required to receive the Services.
LYRA MEMBERS
Registering as a Lyra member
If you register as a Lyra Member, we may collect personal information from you including:
- Profile/contact information, e.g. your name, postal address, coarse, or approximate, location (if you choose to provide it when searching for a Provider), email address, phone number, username.
- Sensitive or demographic information, e.g. password, demographic information (such as your gender and date of birth, factors specific to physical, physiological, economic, cultural or social identity, as well as race, ethnicity, religious affiliations, sex life, sexual orientation and/or pronouns if you choose to disclose such information), information about your marital status, information about your mood, mental or physical health (including reproductive health and substance use history), or emotional state, trade union membership, as well as other information you directly give us through the Services.
- Information about third parties you elect, e.g. contact information of third parties in case of an emergency and beneficiaries under any insurance policy.
Using Lyra Services
Depending on the Lyra Services you use, you may be asked to complete additional forms (e.g. intake form, initial assessment, ‘consent for therapy’) which may ask for personal information such as your name, contact information, information about your current or historical health or mental health and treatment, and information on your lifestyle.
Parental and Guardian Information
If you are using Lyra Services on behalf of a minor, we may collect information regarding the relationship between the minor and legal guardian, as well as health plan provider name, Member ID, and Group ID for the policyholder.
Surveys
We may periodically send you optional surveys to collect your feedback on your experience with Lyra or to measure your progress in care. Understanding Lyra Member experience and outcomes from care is central to our mission of providing effective, evidence-based care, and data can help inform Lyra’s approach to treatment and assessment of progress, as well as the effectiveness of the Services.
TRAINING AND LIVE EVENT PARTICIPANTS
If you choose to enroll or participate in training or live events, such as ‘Lyra Gather’ sessions, ‘Learning Sessions’, ‘Discussion Series’, or ‘Workshops’, we will collect, use, and share information to register you for the sessions, including your name and email address. These sessions are conducted via video conference, and you may choose whether to display your name in the video conferencing tool, and whether to have your camera on or image displayed.
PROSPECTIVE CUSTOMERS
If you are an HR professional, benefits manager, consultant or other individual inquiring about Lyra’s Services on behalf of an organization, we collect information necessary to manage our professional relationship and respond to your inquiries, including:
- Business contact information, e.g. your name, professional email address, phone number, job title, and company name when you request a demo, download a whitepaper or contact our sales team.
- Event and webinar data: if you register for a Lyra-hosted webinar or visit our booth at a conference, we collect registration details and information about the topics that interest you.
- Communication records: we keep records of our interactions with you, including emails and notes from discovery calls, to better understand your organization’s needs.
CONSEQUENCES IF PERSONAL INFORMATION IS NOT COLLECTED
There is no law or contract between us and users of our Services requiring that individuals are required to use our Services. We ask users of our Services to provide certain personal information to verify eligibility to receive certain Services from us, certain essential details and lifestyle information in an intake form and initial questionnaire so that we may recommend Providers and/or a coaching program, and payment details to administer our late-cancellation and no-show policies.
We cannot provide personal recommendations or access to the Services unless such personal information is provided. You do not have to provide personal information that is not shown as required to receive our Services; the only consequence of not providing this personal information is that it will not be taken into consideration when we recommend Services and when receiving such Services.
4. USE OF PERSONAL INFORMATION
The purposes for which we use the personal information we collect about you are set out below and they depend upon our relationship with you, and any preferences you have communicated to us.
In addition, in certain jurisdictions we are required to set out our lawful basis or bases for each data processing purpose. Where we process certain sensitive personal information (sometimes referred to as special category personal information) such as health or diversity data, we are required to provide an additional legal ground for such processing.
WEBSITE USERS, SERVICE USERS AND LYRA MEMBERS
We use information about you to provide the Services as described below.
| Purpose for processing personal information | Category of individual |
|---|---|
To provide and procure the Services
|
Lyra Members |
Eligibility, IT, security, and risk
|
Lyra Members, Service Users |
Client Services
|
Lyra Members, Service Users |
Operational administration
|
Lyra Members, Service Users |
Audit
|
All individuals |
Marketing, communications, and advertisement
|
All individuals |
Research and innovation
|
Lyra Members, Service Users, Website Users |
Fraud and unlawful activities
|
All individuals |
Training and live events
|
Training and live event participants |
| Sales and business development
To evaluate potential partnerships, provide quotes, and manage the sales pipeline with Prospective Customers. |
Prospective Customers |
For additional detail on our personal information handling practices relating to Providers, please refer to the Lyra Workforce Privacy Notice.
In addition, we may use information about you in other ways or for other purposes, where you have given us consent to do so or for a specific purpose not listed above.
THIRD PARTY CONTACTS
In relation to business contacts at other third parties we engage with in the course of our business we may process basic personal information such as name, business contact details and job title. We process this personal information to:
- Manage and conduct our relationship with third parties in a business or professional capacity; and
- manage and administer our business.
In relation to such processing, we typically rely on such processing being in our legitimate interests, being necessary to manage our business.
5. DISCLOSURES OF PERSONAL INFORMATION
We disclose your personal information to third parties as described below.
Your Providers
Where you seek care, treatment or other services from a Provider available through the Services, your Provider will have access to the personal information that you have provided through your completed intake form and initial assessment to provide you with their services. If you switch Providers, we may disclose your personal information to your new Provider to facilitate a consistent care experience.
If you receive clinical services through us, we may share your information with your designated external Primary Care Provider (PCP) through secure electronic health record systems. This allows for the coordination of treatment and sharing of clinical data. You may opt out of this external PCP data sharing at any time.
Your Lyra Benefit Sponsor or Health Plan Administrator
To manage, administer, and evaluate their health and wellness programs, including providing information to support quality activities of the Health Plan, such as analyses for reduction in health care costs or for improvement in health outcomes. Unless permitted under applicable laws or authorized by you, we will not disclose any of the information you provide in intake forms, assessments, or sessions with Providers to your employer or your Lyra Benefit Sponsor. If you are enrolled in Lyra wellness programs, we may disclose your personal information, such as your name, email address, and completion status, to your Lyra Benefit Sponsor to track your completion status.
For Lyra Members who are minors, we may share similar eligibility and billing information with the primary policy holder’s health plan as required for insurance reimbursement.
Parents and legal guardians
For Lyra Members who are minors, we may disclose personal information, including treatment progress and clinical summaries, to the parent, legal guardian, or other personal representatives legally responsible for the minor’s care, as permitted by applicable federal, state and other applicable privacy laws.
Lyra affiliate entities
Sometimes we receive information from and share information among the Lyra affiliated entities for the processing purposes described in this Policy.
Other Lyra Service Users and Lyra Members
Some of Lyra’s Services, such as ‘Lyra Gather’, may allow you to communicate with other Lyra Service Users and Lyra Members.
Lyra’s third party service providers
We disclose your personal information to our third party service providers that support our provision of Services, such as:
- IT service providers
We share personal information with trusted IT service providers who support our business operations, including hosting and maintaining our systems and data, providing CRM platforms and enabling secure communications.
- Payment processors
We share personal information with payment processors and related financial service providers to manage payments, invoicing and other financial operations.
- Customer service providers
These service providers will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the personal information, and to process the personal information only as instructed.
Marketing and promotional disclosures
We do not sell your personal information or share it with third parties for their own marketing purposes. We do not share mobile information or SMS opt-in data with third parties or affiliates for marketing or promotional purposes. Text messaging originator opt-in data and consent are strictly excluded from all sharing categories and will not be shared with any third party for their own marketing purposes.
Analytics partners
We may use technologies and other third-party tools to process analytics information on the Services, including:
- Google Analytics
For more information, please visit Google Analytics’ Privacy Policy. To learn more about how to opt-out of Google Analytics’ use of your information, please click here.
- Mixpanel
For more information about Mixpanel, please visit Mixpanel’s Privacy Policy
- Heap
For more information about Heap, please visit Heap’s Privacy Policy.
- PathFactory
For more information about PathFactory, please visit PathFactory’s Privacy Policy.
Advertising partners
With your consent, we may disclose your personal information to third party advertising partners. These third party advertising partners may include Technologies and other tracking tools on our Websites to collect information regarding your activities and your device (e.g. your IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners may use this information (and similar information collected from other services) for purposes of delivering personalized advertisements to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising” or “personalized advertising.” Note that advertising technologies are not used on sites where Lyra Members login to access our Services and/or search for care (e.g. benefitsponsor.lyrahealth.com), they are only used on our corporate websites (such as lyrahealth.com and lyrahealthinternational.com).
What Happens in the event of a change of control of Lyra
We may buy or sell/divest/transfer our companies (including any shares in the companies), or any combination of their products, services, assets, and/or businesses. We may also sell, assign, or otherwise transfer your information in the course of corporate divestitures, mergers, acquisitions, bankruptcies, dissolutions, reorganizations, liquidations, similar transactions or proceedings involving all or a portion of Lyra. Your information such as names and email addresses, and other information related to the Services, may be among the items transferred in these types of transactions.
Disclosures to protect you, us and others
We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate: to comply with law enforcement or national security requests and legal process, such as a court order or subpoena; when required by health oversight agencies for legally authorized health oversight activities; to protect your, our, or others’ rights, property, or safety, including to protect the security or integrity of the Services and any facilities or equipment used to make the Services available; to enforce our policies or contracts; to collect amounts owed to us or any Lyra Provider; or to assist with an investigation or prosecution of suspected or actual illegal activity or in an emergency.
Lyra Global Connect
Where you are located in a country where we have no affiliated entity, Provider or Partner, or where you are using Lyra Wellbeing Solutions and contacting Lyra out of service hours, you may be redirected to Lyra Global Connect. Lyra Global Connect handles care-related inquiries from members worldwide through various channels like chat, phone, and email, and provides support in real time when no other Lyra team is available.
De-identified and aggregated information
We may use personal information and other information about you to create de-identified and/or aggregated information, such as de-identified demographic information, coarse, or approximate, location data, information about the device from which you access the Services, or other data sets we may create. In some cases, we use aggregated, de-identified clinical data to provide our customers (such as Lyra Benefit Sponsors) with insight into how their employees are using our Services, without identifying individuals personally. We will use de-identified information as part of our machine learning and artificial intelligence initiatives to improve our Services. Since it is no longer identifiable, dee-identified and/or aggregated information is not considered personal information for the purpose of applicable data protection laws and may be stored for longer periods where necessary.
We may share de-identified and aggregated information (such as aggregate usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with third parties who help us understand the usage patterns for certain Services and those of our partners. Lyra may also share with your Lyra Benefit Sponsor the outcomes and impact of the Services, which would consist solely of de-identified and aggregated data or analytics. We may use de-identified and/or aggregated data to demonstrate the value of our Services to current and prospective customers.
6. SECURITY OF PERSONAL INFORMATION
We are committed to protecting your privacy and personal information. We implement appropriate technical and organizational measures to ensure a level of security of personal information that is appropriate to the risk for the rights and freedoms of individuals. We have taken steps to implement safeguards and security measures to help prevent your personal information from being lost, used or accessed in an unauthorized way, altered or disclosed. However, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its security. If you have any questions about the security of the Services, you can contact us as described below in Section 15 (Contact Information).
Any text, email or other transmission you send unencrypted through the Internet cannot be completely protected against unauthorized interception. In particular, we want to make you aware that personal email may be unsecure. You are not required to authorize the use of your personal email for purposes of communicating with Lyra; a decision not to consent or to opt out of receiving these emails will not restrict your ability to access care from your Provider. You can choose to receive email from Lyra using our secure electronic communication system instead of your personal email. Our secure electronic communication system will require you to log into a separate portal to access the email that is being sent.
You can find more information on how we keep personal information secure here: Lyra – Our Commitment to Security.
7. AUTOMATED DECISION MAKING
Automated decision making occurs when a system makes a final decision about you without human oversight. This applies to decisions with legal or similarly significant consequences, such as those that impact your rights under a contract or law, or have a substantial and long-term impact on your personal circumstances or your ability to access important opportunities.
In relation to the processing purposes set out in this Policy, we do not currently engage in automated decision making, including when we use artificial intelligence. In the event we were to engage in automated decision making, you may have legal rights depending on where you are located. For more information see the relevant Supplemental Notice applicable to your jurisdiction set out in Sections 16 to 26 below.
8. ARTIFICIAL INTELLIGENCE
Occasionally when processing your personal information we may make use of AI, such as for improving our Services and streamlining our internal processes.
In addition, we may make use of AI powered tools in the provision of our Services, to enable Providers to complete manual, administrative and/or routine tasks more effectively, with the help of automated conversation notes and summaries.
Within the Lyra Platform, we use machine learning algorithms and recommendation engines to support clinical screening and Provider matching. When you complete a digital intake or initial health assessment, the system processes your responses to generate standardized screening scores that help indicate clinical acuity and care urgency. Our matching algorithm then evaluates these screening results alongside your stated care preferences, location, format requirements and Provider availability to rank suitable Providers based on fit with your needs.
This processing is used in a supportive and advisory manner only. These tools do not constitute automated decision making, do not produce final or binding outcomes, and do not automatically grant or deny access to Services. Final decisions, including whether to proceed with booking and which Provider to select, remain entirely with you.
Use of our automated digital intake and AI Provider matching is strictly optional. Members who prefer not to use these features may instead choose a human-supported pathway by contacting our Care Navigators using the contact details available in the Lyra Platform directly.If you are using Coaching Services in the Lyra Platform, you may also have access to Lyra AI. Lyra AI is an AI powered chat whose purpose is to provide support between coaching sessions, for example by sharing relevant coaching resources and exercises. It is always activated by a human coach, after you have explicitly consented to it. Lyra AI is human backed; this means it does not make decisions about you without professional human oversight. It also uses machine learning to detect “high alert” situations and notify a human being when you need urgent or more personalized support. Participation is strictly optional, and you may withdraw your consent or ask your coach to disable the feature at any time.
We may use de-identified information as part of our machine learning and artificial intelligence (AI) initiatives to improve the Services. We will comply with legal transparency requirements when you are interacting with AI.
9. DATA RETENTION
Your Privacy Choices. You have a number of choices you can make regarding your personal information, including as follows:
Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested and/or are using. We may also send you certain non-promotional communications regarding us and the Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to our Terms or this Privacy Policy).
Text Messaging (SMS). You may opt out of receiving text messages from us at any time by following the instructions in the text message/replying “STOP” to a text message you have received from us, by updating your communications preferences within your Lyra profile, or by contacting us as described below.
Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. All other categories of personal information exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Mobile Devices. We may send you push notifications through our mobile application. You may opt out of receiving these push notifications by changing the settings on your mobile device.
Cookies and Interest-Based Advertising. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your browser or devices preferences, as they permit. However, if you adjust your preferences, the Services may not work properly or certain features may not be available. Please note that cookie-based opt-outs may not be effective on mobile applications. However, you may opt-out of personalized advertisements on some mobile applications by following the instructions for Android, iOS and others.
If you wish to opt out of targeted advertising, you may do so here.
The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada. Please note you must separately opt out in each browser and on each device.
Your Privacy Rights. In accordance with applicable law, you may have the right to:
- Access Personal Information about you, including: (i) confirming whether we are processing your personal information; (ii) obtaining access to or receiving a copy of your personal information; and (iii) receiving an electronic copy of personal information that you have provided to us, or (iv) asking us to send that information to another company (the “right of data portability”);
- Request Correction of your personal information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your personal information;
- Request Deletion of your personal information;
- Request Restriction of or Object to our processing of your personal information; and
- Withdraw your Consent to our processing of your personal information.
You may submit requests regarding your personal information by clicking here or contacting us as described below. If you have such rights and your request complies with applicable legal requirements, we will give effect to your rights and respond within any mandatory timeframes as required by law.
10. INTERNATIONAL DATA TRANSFERS
yra is a global business, and to offer our Services, we may need to transfer your personal information to third parties and/or to Lyra affiliated entities in other countries.
Please note that, if you are using the Lyra Platform, your personal information will be stored within the United States, where privacy rules differ and may be less stringent than those of the country in which you reside.
Lyra has entered an intragroup agreement that includes appropriate transfer mechanisms, including, where applicable, relevant Standard Contractual Clauses. You may find additional information about the measures we implement to protect your personal information when it is subject to cross-border transfer in the relevant Supplemental Notice applicable to your jurisdiction set out in Sections 16 to 26 below.
11. THIRD PARTY WEBSITES AND APPLICATIONS
The Services may contain links to other websites and applications, and other websites/ and applications may reference or link to our Services. These third party services and applications are not controlled by us. We encourage you to read the privacy notices and policies of each website and application with which they interact.
12. CHILDREN
Authorized Use for Services
Subject to applicable local legal requirements, Lyra provides specific clinical and coaching Services designed for children and adolescents. We do not knowingly collect any personal information from children under 13 without first obtaining verifiable parental consent from a parent or legal guardian. If you are a parent or guardian of a child under 13, you have the right to review the personal information we have collected, request its deletion, or withdraw your consent for further collection.
Unauthorized use
Lyra does not knowingly collect any personal information shared by children under 13 through our online and web based Services without receiving parental consent.
If you believe that Lyra has inappropriately received information from a child under the age of 13, please contact us as described below. If we become aware that a child has provided us with personal information in violation of applicable law, we will delete any personal information we have collected, unless we have a legal obligation to keep it, and terminate the child’s account if applicable.
13. YOUR PRIVACY CHOICES AND RIGHTS
Your Rights
Regardless of where you are located, Lyra respects your ability to exercise the rights afforded to you by applicable privacy laws. Depending on your jurisdiction, these rights may include:
- Access: the right to request a copy of the personal information about you.
- Correction: The right to ask us to update or correct inaccurate or incomplete personal information.
- Deletion (Erasure): The right to request that we delete your personal information, subject to certain legal exceptions.
- Objection and Restriction: The right to object to or ask us to restrict the processing of your personal information.
- Withdrawal of consent: Where we rely on your consent, the right to withdraw it any time.
For details specific to your region, please see the relevant Supplemental Notices in Sections 16 to 26 below. If your jurisdiction is not listed, we will still evaluate and respond to your request to exercise these rights in accordance with applicable privacy laws.
You may submit requests regarding your personal information by clicking here or contacting us as described below. If you have such rights and your request complies with applicable legal requirements, we will give effect to your rights and respond within any mandatory timeframes as required by law.
Your Privacy Choices
You have a number of choices you can make regarding your personal information, including as follows:
Email Communications
If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction or account related emails regarding products or Services you have requested and/or are using. We may also send you certain non-promotional communications regarding us and the Services, and you will not be able to opt out of those communications (e.g. communications regarding the Services or updates to our terms or this Policy).
Text Messaging (SMS). You may opt out of receiving text messages from us at any time by following the instructions in the text message/replying “STOP” to a text message you have received from us, by updating your communications preferences within your Lyra profile, or by contacting us as described below.
Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. All other categories of personal information exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Mobile Devices
We may send you push notifications through our mobile application. You may opt out of receiving these push notifications by changing the settings on your mobile device.
Cookies and Interest-Based Advertising
You may stop or restrict the placement of Technologies on your device or remove them by adjusting your browser or devices preferences, as they permit. However, if you adjust your preferences, the Services may not work properly or certain features may not be available. Please note that cookie-based opt-outs may not be effective on mobile applications. However, you may opt-out of personalized advertisements on some mobile applications by following the instructions for Android, iOS and others.
If you wish to opt out of targeted advertising, you may do so here.
The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada. Please note you must separately opt out in each browser and on each device.
14. CHANGES TO THIS PRIVACY POLICY
We may change this Policy and our privacy practices, so please check this page from time to time. If we make any changes, we will change the Last Updated date above and/or notify you as required by applicable law.
15. CONTACT INFORMATION
If you are located in the United States, to contact us, including for any complaints, please use the contact information below.
Lyra Health, Inc.
270 E. Lane
Burlingame, California 94010
[email protected]
If you are located outside the United States, please consult Section 27 (Lyra Entities and Affiliates) to find the relevant contact information or contact [email protected].
16. SUPPLEMENTAL NOTICE FOR CALIFORNIA RESIDENTS
This Supplemental California Privacy Notice only applies to our processing of personal information about California individuals.
Do Not Track. We currently do not support the Do Not Track (“DNT”) browser setting or respond to DNT signals. DNT is a preference you can set in your browser to let the websites you visit know that you do not want them collecting certain information about you. For more details about DNT, including how to enable or disable this preference, visit https://termsfeed.com/do-not-track.
The California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), provides California residents with the right to know what categories of personal information Lyra has collected about them and whether Lyra disclosed that personal information for a business purpose (e.g. to a service provider) in the preceding 12 months. California residents can find this information below:
| Category of Personal Information Collected by Lyra | Categories of Third Parties the Information is Disclosed to, for a Business Purpose |
|---|---|
| Identifiers
A real name, alias, postal address, online identifier, Internet Protocol address, email address, or other similar identifiers. |
|
| Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
A name, address, telephone number, employment, employment history, medical information. |
|
| Protected classification characteristics under California or federal law
Age, race, ancestry, marital status (in relation to how family members are related), medical condition, physical or mental disability, sex (including gender, gender identity, gender expression). |
|
| Internet or other electronic network activity
Browsing history, search history, information on a consumer’s interaction with an internet website, application, or advertisement. |
|
| Geolocation data
Physical location or movements. |
|
| Audio, electronic, visual, thermal, olfactory, or similar information
Photos and video |
|
| Professional or employment-related information
Current or past job history |
|
| Inferences. Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
|
The categories of sources from which we collect personal information and our business and commercial purposes for using personal information are set forth above in Section 2 (“What Personal Information We Collect”).
As indicated in Section 2, we may also collect Sensitive Personal Information, as defined under the CCPA, as amended, including race or ethnicity, geolocation, and health data.
- Race/Ethnicity Data. We collect race/ethnicity data for clinical data and research purposes. We may also use aggregate race/ethnicity data for customer reporting purposes.
- Location and Health Data. We limit the uses of the geolocation data and health data we collect to those that are necessary to provide Lyra’s Services to our members, such as helping members find a Provider near them.
You have the right to request that we limit the use of your Sensitive Personal Information. If you would like to limit how we use this information, please select Limit the Use of My Sensitive Personal Information on the form here. Lyra will maintain this data as long as you: 1) remain a Lyra member, and 2) have not affirmatively withdrawn your consent.
Submitting Requests to Know, Delete, Amend, Port, Opt Out of Selling or Sharing and Limit the Use of Sensitive Personal Information. The CPRA gives California residents rights to request:
- Specific pieces of personal information we have collected
- Deletion of personal information
- Amendment of personal information
- That we transmit personal information to another entity
- To opt out of selling or sharing the information we collect
- To limit the use of Sensitive Personal Information that we collect
You may submit a verifiable consumer request to us to exercise any of these rights by clicking here or emailing us at the contact details above. We will process such requests in accordance with applicable laws.
California “Erasure Law” for Minors. If you are a California resident under the age of 18 and a registered user of our Services, you have the right to request and obtain the removal of content or information that you have posted to our platform. To request removal of content under this provision, you may submit a verifiable consumer request to us by clicking here or emailing us at the contact details above. Please note that removal does not ensure complete or comprehensive deletion of the content or information posted, including copies retained for legal or compliance purposes.
Verification. To protect your and others’ privacy, we will take steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. We verify consumer requests by matching personal information that you provide with information in our possession, in order to confirm your identity. Any additional information you provide will be used only to verify your identity and not for any other purpose.
“Sales” or “Sharing” of Personal Information under the CPRA. Under the CCPA’s broad definitions, Lyra may “sell” or “share” personal information through the use of advertising and analytics-related cookies and pixels on our corporate websites. We use these cookies and pixels for the sole purposes of analytics and for providing targeted behavioral advertising based on your interest in Lyra. You may adjust your cookie preferences on your device or remove them by adjusting your browser or devices preferences, as they permit, and you may use this Do Not Sell or Share My Personal Information form here to request that we do not collect or use your personal information for behavioral advertising. Lyra does not otherwise, in any way, “sell” or “share” your personal information. We also do not have actual knowledge of any “sale” or “sharing” of personal information of minors under 16 years of age.
| Category of Personal Information Collected by Lyra | Categories of Third Parties the Information is Shared With |
|---|---|
| Identifiers.
A real name, alias, postal address, online identifier, Internet Protocol address, email address, or other similar identifiers. |
Advertising networks and providers
|
| Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
A name, address, telephone number, employment, employment history, medical information. |
|
| Protected classification characteristics under California or federal law
Age, race, ancestry, marital status (in relation to how family members are related), medical condition, physical or mental disability, sex (including gender, gender identity, gender expression). |
|
| Internet or other electronic network activity
Browsing history, search history, information on a consumer’s interaction with an internet website, application, or advertisement. |
|
| Geolocation data
Physical location or movements. |
|
| Audio, electronic, visual, thermal, olfactory, or similar information
Photos and video |
|
| Professional or employment-related information
Current or past job history |
|
| Inferences. Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
|
Non-Discrimination. California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.
Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney under Probate Code sections 4000-4465 may submit a request on your behalf. To designate an authorized agent, please contact us as described below.
Accessibility. This Privacy Policy uses industry-standard technologies and was developed in line with the World Wide Web Consortium’s Web Content Accessibility Guidelines, version 2.1. If you wish to print this policy, please do so from your web browser or by saving the page as a PDF.
17. SUPPLEMENTAL NOTICE FOR EEA, SWITZERLAND AND UNITED KINGDOM
This Privacy Notice applies if you are located in the European Economic Area (EEA), Switzerland or United Kingdom.
PURPOSES AND LAWFUL BASES
| Purpose for processing personal information | Lawful basis for processing personal information (EU, Switzerland and UK only) | Category of individual |
|---|---|---|
To provide and procure the Services
|
Recognized legitimate interests:
Additional legal ground(s) for using your special category information:
|
Lyra Members |
Eligibility, IT, security, and risk
|
|
Lyra Members, Service Users |
Client Services
|
|
Lyra Members, Service Users |
Operational administration
|
|
Lyra Members, Service Users |
Audit
|
|
All individuals |
Marketing, communications, and advertisement
|
Additional legal ground for using your special category information:
|
All individuals |
Research and innovation
|
|
Lyra Members, Service Users, Website Users |
Fraud and unlawful activities
|
Recognized legitimate interests:
Additional legal ground for using your special category information:
|
All individuals |
Training and live events
|
|
Training and live event participants |
| Sales and business development
To evaluate potential partnerships, provide quotes, and manage the sales pipeline with Prospective Customers. |
|
Prospective Customers |
DATA TRANSFERS
Lyra’s U.S. entities, Lyra Health Inc. and Lyra Health Holdings, LLC, comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Lyra Health Inc. and Lyra Health Holdings, LLC have certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom in reliance on the UK Extension to the EU-U.S. DPF. Lyra Health Inc. and Lyra Health Holdings, LLC have certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF Principles require that we remain potentially liable if any third-party processing personal data on our behalf fails to comply with EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or Swiss-U.S. DPF Principles (except to the extent we are not responsible for the event giving rise to any alleged damage). Lyra Health Inc. and Lyra Health Holdings, LLC’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Please contact us as described below with any questions or concerns relating to our EU-U.S. DPF, the Swiss-U.S. DPF, or UK Extension to the EU-U.S. DPF Certifications. In compliance with the EU-U.S. DPF, the Swiss-U.S. DPF, and the UK Extension to the EU-U.S. DPF, Lyra Health Inc. and Lyra Health Holdings, LLC commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, Swiss-U.S. DPF and the UK Extension to the EU-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you. Under certain conditions, you may also be entitled to invoke binding arbitration for complaints not resolved by other means. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF, the Swiss-U.S. DPF, or the UK Extension to the EU-U.S Principles, those Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
YOUR RIGHTS
In the EEA, Switzerland and the UK you have the following rights relating to your personal information, subject to the conditions under the GDPR , UK GDPR and/or applicable local data protection law:
- Right to request access to personal information. You have the right to obtain from us confirmation as to whether your personal information is being processed, and, where that is the case, to request access to that personal information and details about how we process your personal information , including the categories of personal information processed, the purpose of the processing and the recipients or categories of recipients, the existence of automated decision-making, including profiling and you have the right to obtain copies of the personal information . However, this is not an absolute right and the interests of other individuals may restrict your right of access.
- Right to rectification. You have the right to obtain from us the rectification of inaccurate personal information concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal information completed, including by means of providing a supplementary statement.
- Right to erasure (right to be forgotten). You have the right to ask us to erase your personal information .
- Right to object. Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, at any time, to the processing of your personal information , including profiling, by us. This includes the right to object to our processing of your personal information where we are pursuing our legitimate interests or those of a third party. If we process your personal information based on our legitimate interests or those of a third party, you can object to this processing, and we will cease processing your personal information , unless the processing is based on compelling legitimate grounds or is needed for legal reasons.
Moreover, if your personal information is processed for direct marketing purposes, you have the right to object at any time to the processing of personal information concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case, your personal information will no longer be processed for such purposes by us.
-
- Right to restriction of processing. In limited circumstances, you have the right to request restriction of processing of your personal information , in which case it would be marked and processed by us only for certain purposes.
- Right to data portability. You have the right to receive your personal information which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit the personal information to another entity without hindrance from us.
- Right to withdraw consent. To the extent that you have given consent, you can withdraw your consent at any time with future effect by contacting us as described below. Such a withdrawal will not affect the lawfulness of the processing prior to the withdrawal of consent.
- Rights in relation to automated decision making and profiling.
-
- (Where you are based in the EEA or Switzerland) You have the right not to be subject to a decision which is based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless one of the following applies:
- the decision is necessary for entering into, or performance of, a contract between you and us;
- you have given your explicit consent; or
- The decision is authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests.
- Where such a decision is permitted under the conditions above, we implement suitable safeguards, including your right to:
- obtain human intervention;
- express your point of view; and
- contest the decision.
- (Where you are based in the EEA or Switzerland) You have the right not to be subject to a decision which is based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless one of the following applies:
- Decisions based solely on automated processing which involve the processing of special category data are prohibited, unless:
- you have given your explicit consent; or
- the processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law, and appropriate safeguards are in place.
- If you are based in the UK. You have the right not to be subject to a significant decision based entirely or partly on automated processing, including profiling, unless certain conditions are met.
- Where the significant decision is based entirely or partly on processing of special category data, it may not be taken based solely on automated processing, unless one of the following conditions is met:
- You have given your explicit consent; or
- the decision is necessary in the substantial public interest and is: (i) necessary for entering into, or performing a contract between us and you; or (ii) required or authorised by law,
- In all cases, where a significant decision is based entirely or partly on personal data and is based solely on automated processing, we must
- provide you with information about decisions taken;
- enable you to make representations about such decisions;
- enable you to obtain human intervention;
- enable you to contest such decisions.
- Right to complain.
-
- If you are based in the EEA or Switzerland: You also have the right to lodge a complaint with a supervisory authority. You may view a list of supervisory authorities in the EEA and Switzerland and their respective contact information here (however, you have the right to lodge a complaint in the Member State of your habitual residence, place of work or an alleged infringement of the GDPR):
| Jurisdiction | Data protection authority’s website |
|---|---|
| EEA | https://edpb.europa.eu/about-edpb/board/members_en |
| Switzerland | https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html |
- If you are based in the UK:
- If you have any complaints about our handling of personal information you can contact us on the relevant details set out in Section 27 (Lyra Entities and Affiliates).
- You also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO“) (https://ico.org.uk/global/contact-us/).
- Rights after death. In some jurisdictions such as France, if applicable pursuant to local law, you also have the right to provide us with guidelines as to the processing of your personal information after your death.
You can exercise your rights by completing this form or by using the contact details set out at Section 16 (Contact Information) above.
18. SUPPLEMENTAL NOTICE FOR AUSTRALIA
COMPLAINTS
If you have any concerns or complaints about how we handle your personal information, or if you have any questions about this Privacy Policy, please contact us as described below.
Where you have a complaint or a request, in most cases we will ask that you put it in writing to us. We will investigate your complaint and will use reasonable endeavours to respond to you in writing within 30 days of receiving the written complaint. If we fail to respond to your complaint within 30 days of receiving it in writing or if you are dissatisfied with the response that you receive from us, you can contact the Office of the Australian Information Commissioner.
YOUR RIGHTS
In Australia, you may have the following rights relating to your personal information, subject to the conditions under the Privacy Act 1988 (the “Privacy Act”):
- The right to access your personal information. You have the right to request a confirmation of whether we hold your personal information and ask for a copy of the information we have about you.
- The right to rectification. You can ask us to correct, update, or complete any personal information we hold that may be inaccurate.
- The right to withdraw consent. If we rely on your consent to process your personal information, you may withdraw that consent at any time with future effect.
19. SUPPLEMENTAL NOTICE FOR CANADA
This Supplemental Notice for Canada applies to Lyra’s handling of personal information, including personal health information, of individuals in the Canadian provinces of Ontario, British Columbia, and Quebec.
CONSENT TO THE COLLECTION, USE AND DISCLOSURE OF PERSONAL INFORMATION
By using the Services, you are representing to Lyra that you have reached the age of majority in the Canadian province in which you reside, such that you can lawfully enter into agreements with Lyra and provide your informed and express consent with respect to Lyra’s collection, use, and disclosure of your personal information and personal health information. If you have not reached the age of majority in your province of residence, you may not use or access our Services or otherwise share your personal information or personal health information with us, unless your parent or another person lawfully entitled to give or refuse consent in the place of your parent has provided us with express consent on your behalf.
INTERNATIONAL DATA TRANSFERS
By using the Services, you acknowledge that your personal information, including personal health information, will be transferred outside of the Canadian province in which it was collected and outside of Canada, and will be stored on servers in the United States or other countries. We take measures to ensure that recipients in other jurisdictions (i) provide an adequate level of protection; (ii) will not use your personal information for purposes other than those described in this Privacy Policy.
ACCURACY OF PERSONAL INFORMATION
We will keep your personal information as accurate, complete and up-to-date as necessary for the purposes for which it is to be used pursuant to this Privacy Policy.
YOUR RIGHTS
In Canada, you may have the following rights relating to your personal information, subject to the conditions under the Personal Information Protection and Electronic Documents Act 2000 (“PIPEDA”) and other applicable data protection laws:
- The right to access your personal information. You have the right to request a confirmation of whether we hold your personal information and ask for a copy of the information we have about you.
- The right to rectification. You can ask us to correct, update, or complete any personal information we hold that may be inaccurate.
- The right to withdraw consent. If we rely on your consent to process your personal information, you may withdraw that consent at any time with future effect.
- The right to challenge compliance. You have the right to challenge an organisation’s compliance with PIPEDA.
ADDITIONAL CONSENT AND PRIVACY REQUIREMENTS IN THE PROVINCE OF QUEBEC
If you reside in the Canadian province of Quebec, please be advised that the following provisions apply to the collection of your personal information.
SERVICE PROVIDERS
Where Lyra transfers your personal information to third-party service providers, Lyra shall use safeguards to ensure that such third-party service providers will take necessary security measures with respect to the protection of your personal information that are reasonable given the sensitivity of the information, the purposes for which it is to be used, the quantity and distribution of the information and the medium on which it is stored.
LANGUAGE
The parties have expressly requested and required that this Privacy Policy and all other related documents be drawn up in the English language. Les parties conviennent et exigent expressément que cette politique ainsi que tous les documents qui s’y rapportent soient rédigés en anglais.
20. SUPPLEMENTAL NOTICE FOR INDIA
SENSITIVE PERSONAL DATA
With your consent, and if you choose to provide it, we may collect sensitive personal information (such as sexual orientation, racial or ethnic origin, or religious belief information), such as in our intake forms and initial assessments, and in your communications to Lyra and its Providers.
We process this personal information , including disclosing this personal information to your selected Providers, solely for the purposes of facilitating your receipt of coaching services via our technological Services, in accordance with your explicit consent per Section 5(1) of the Information Technology (Reasonable security practices and procedures and sensitive personal information or information) Rules, 2011 (the “SPDI Rules”). You can withdraw your consent at any time with future effect.
YOUR RIGHTS
In India, you may have the following rights relating to your personal information , subject to the conditions under the SPDI Rules:
- The right to rectification. You may have the right to ask us to correct, update, or complete any personal information we hold that may be inaccurate or deficient.
- The right to withdraw consent. If we rely on your consent to process your personal information , you may withdraw that consent at any time with future effect.
You can exercise these rights by using the relevant contact details listed under the Section 27 (Lyra Entities and Affiliates).
21. SUPPLEMENTAL NOTICE FOR ISRAEL
DATA OF SPECIAL SENSITIVITY
With your consent, and if you choose to provide it, we may collect personal information of special sensitivity (such as sexual orientation, racial or ethnic origin, or religious belief information), such as in our intake forms and initial assessments, and in your communications to Lyra and its Providers.
We process this personal information , including disclosing this personal information to your selected Providers, solely for the purposes of facilitating your receipt of coaching services via our technological Services, in accordance with your explicit consent per Section 1 of the Protection of Privacy Law as amended by Amendment 13 (the “PPL”). You can withdraw your consent at any time with future effect.
LAWFUL BASES FOR PROCESSING
We rely on the following justifications to process personal information of yours that does not fall within sensitive personal information , as appropriate in line with the PPL:
- According to your consent (“Consent Legal Basis”);
- Necessary for us to perform a contract with you or take steps at your request prior to entering into a contract (“Contract Performance Legal Basis”);
- Necessary for us to comply with an applicable legal obligation (“Legal Obligations Legal Basis”).
YOUR RIGHTS
In Israel, you may have the following rights relating to your personal information , subject to the conditions under the PPL:
- The right to access your personal information . You have the right to inspect any personal information we hold about you.
- The right to rectification. You can ask us, after an inspection, to correct, update, or complete any personal information we hold that may be inaccurate.
- The right to erasure. You have the right, in certain limited circumstances, and following an inspection, to request the deletion of your personal information .
You can exercise these rights by using the relevant contact details listed under the Section 27 (Lyra Entities and Affiliates).
22. SUPPLEMENTAL NOTICE FOR MALAYSIA
SENSITIVE PERSONAL DATA
With your consent, and if you choose to provide it, we may collect sensitive personal information (such as sexual orientation, racial or ethnic origin, or religious belief information), such as in our intake forms and initial assessments, and in your communications to Lyra and its Providers.
We process this personal information , including disclosing this personal information to your selected Providers, solely for the purposes of facilitating your receipt of coaching services via our technological Services, in accordance with your explicit consent per Section 40(1)(a) of the Personal Data Protection Act 2010, as amended by the Personal Data Protection (Amendment) Act 2024 (the “PDPA”). You can withdraw your consent at any time with future effect.
If there is a life-threatening emergency and you are physically or legally incapable of giving consent, we may process personal information that falls within these special categories as necessary to protect your vital interests per Section 40(1)(b)(ii) of the PDPA.
LAWFUL BASES FOR PROCESSING
We rely on the following justifications to process personal information of yours that does not fall within sensitive personal information , as appropriate in line with Section 11 of the PDPA:
- According to your consent per Section 6(1)(a) PDPA (“Consent Legal Basis”);
- Necessary for us to perform a contract with you or take steps at your request prior to entering into a contract per Section 6(2)(a) and (b) PDPA (“Contract Performance Legal Basis”);
- Necessary for us to comply with an applicable legal obligation per Section 6(2)(c) PDPA (“Legal Obligations Legal Basis”).
YOUR RIGHTS
In Malaysia, you have the following rights relating to your personal information , subject to the conditions under the PDPA:
- The right to access your personal information . You have the right to request a confirmation of whether we hold your personal information and ask for a copy of the information we have about you.
- The right to rectification. You can ask us to correct, update, or complete any personal information we hold that may be inaccurate.
- The right to withdraw consent. If we rely on your consent to process your personal information , you may withdraw that consent at any time with future effect.
- The right to prevent processing for purposes of direct marketing. You can ask us to cease processing your personal information or purposes of direct marketing.
You can exercise these rights by using the relevant contact details listed under the Section 27 (Lyra Entities and Affiliates).
23. SUPPLEMENTAL NOTICE FOR MEXICO
SENSITIVE PERSONAL DATA
With your consent, and if you choose to provide it, we may collect sensitive personal information (such as sexual orientation, racial or ethnic origin, or religious belief information), such as in our intake forms and initial assessments, and in your communications to Lyra and its Providers.
We process this personal information , including disclosing this personal information to your selected Providers, solely for the purposes of facilitating your receipt of coaching services via our technological Services, in accordance with your explicit consent per Article 8 of the Federal Law for the Protection of Personal Data held by Private Parties of the 20th of March 2025 (the “LFPDPPP”) you can withdraw your consent at any time with future effect.
If there is an emergency situation that could potentially harm an individual, we may process sensitive personal information as necessary to protect the individual per article 9.V. LFPDPPP.
LAWFUL BASIS FOR PROCESSING
We rely on the following justifications to process personal information of yours that does not fall within sensitive personal information , as appropriate in line with the LFPDPPP:
- According to your consent per Article 7 LFPDPPP (“Consent Legal Basis”), which you can revoke with future effect;
- Necessary for us to perform a contract with you per Article 9.IV. LFPDPPP (“Contract Performance Legal Basis”);
- Necessary for us to comply with an applicable legal obligation per Article 9.I. LFPDPPP (“Legal Obligations Legal Basis”);
- Necessary in order to protect an individual in an emergency situation per Article 9.V. LFPDPPP (“Emergency Situation Legal Basis”).
YOUR RIGHTS
In Mexico you have the following rights relating to your personal information, subject to the conditions under the LFPDPPP (“ARCO rights”):
- Right of access: You have the right to request access to your personal information , as well as information on how that personal information is processed.
- Right to rectification: You have the right to obtain from us the rectification of inaccurate personal information concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal information completed, including by means of providing a supplementary statement.
- Right to cancellation: You have the right to request the deletion of your personal information under certain circumstances.
- Right to object: You have the right to object to the processing of your personal information for legitimate reasons.
You can exercise these rights by using the relevant contact details listed under the Section 27 (Lyra Entities and Affiliates).
24. SUPPLEMENTAL NOTICE FOR SINGAPORE
LAWFUL BASES FOR PROCESSING
We rely on the following legal bases to process personal information of yours that does not fall within special categories, as appropriate under the Personal Data Protection Act 2012 (the “PDPA”):
- According to your consent, whether this content is deemed (e.g. where you have provided personal information to receive our Services, or where you have provided personal information necessary to perform a contract with you) per Section 15 PDPA or express (“Consent Legal Basis”)
- Necessary for us to comply with an applicable legal obligation per Section 13(b) PDPA (“Legal Obligations Legal Basis”)
- Necessary in order to protect the vital interests of the data subject or another natural person under First Schedule, Part 1 of the PDPA (“Vital Interests Legal Basis”), or
- Necessary for us to realise a legitimate interest based on an assessment of that interest and your privacy and other fundamental interests under the First Schedule, Part 3 of the PDPA (“Legitimate Interest Legal Basis”), where the legitimate interests could be in particular:
- open, maintain, administer, and manage profiles and accounts for registered members/users;
- ensuring internal quality control and safety;
- improving our Services;
- managing and conducting our relationships with third parties in a business or professional capacity;
- managing and administering our business;
- debugging to identify and repair errors with the Services;
- enforcing our agreements and policies;
- detecting security incidents;
- protecting against malicious, deceptive, fraudulent or illegal activity; and
- prosecuting those responsible for that activity; ensuring internal quality control and safety; protecting your safety or vital interests, or the safety or vital interests of others.
If we rely on your consent, you can withdraw your consent at any time with future effect by contacting us at the contact details listed below. For additional details regarding the lawful bases of processing your personal information specifically, please contact globalprivacy@lyrahealth.com.
YOUR RIGHTS
In Singapore you have the following rights relating to your personal information , subject to the conditions under the PDPA:
- Right to withdraw consent: You have the right to withdraw your consent to the processing of your personal information at any time.
- Right to be notified: You have the right to be informed of the purposes for which your personal information is collected, used or disclosed.
- Right of access: You have the right to request access to your personal information , as well as information on how that personal information has been used or disclosed within the past year.
- Right to rectification: You have the right to obtain from us the rectification of inaccurate personal information concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal information completed, including by means of providing a supplementary statement.
You can exercise these rights by using the relevant contact details listed under the Section 27 (Lyra Entities and Affiliates).
25. SUPPLEMENTAL NOTICE FOR SOUTH AFRICA
SPECIAL PERSONAL INFORMATION
With your consent, and if you choose to provide it, we may collect special personal information (such as sexual orientation, racial or ethnic origin, or religious belief information), such as in our intake forms and initial assessments, and in your communications to Lyra and its Providers.
We process this personal information, including disclosing this personal information to your selected Providers, solely for the purposes of facilitating your receipt of coaching services via our technological Services, in accordance with your explicit consent per Section 27(1)(a) of the Protection of Personal Information Act (“POPIA” or “POPI Act”). You can withdraw your consent at any time with future effect.
LAWFUL BASES FOR PROCESSING
We rely on the following justifications to process personal information of yours that does not fall within special personal information, as appropriate in line with Section 11 of the Protection of Personal Information Act:
- According to your consent per Section 11(1)(a) POPIA (“Consent Legal Basis”)
- Necessary for us to perform a contract with you or take steps at your request prior to entering into a contract per Section 11(1)(b) POPIA (“Contract Performance Legal Basis”)
- Necessary for us to comply with an applicable legal obligation per Section 11(1)(c) POPIA (“Legal Obligations Legal Basis”)
- Necessary for us to realise a legitimate interest of the data subject per Section 11(1)(d), including where processing is necessary in order to protect the vital interests of the data subject (“Legitimate Interest of the Data Subject Legal Basis”), or
- Necessary for us to realise a legitimate interest based on an assessment of that interest and your privacy and other fundamental interests per Section 11(1)(f) (“Legitimate Interest Legal Basis”), where the legitimate interests could be in particular:
- open, maintain, administer, and manage profiles and accounts for registered members;
- ensuring internal quality control and safety;
- improving our Services;
- managing and conducting our relationships with third parties in a business or professional capacity;
- managing and administering our business;
- debugging to identify and repair errors with the Services;
- enforcing our agreements and policies;
- detecting security incidents;
- protecting against malicious, deceptive, fraudulent or illegal activity; and
- prosecuting those responsible for that activity; ensuring internal quality control and safety; protecting your safety or vital interests, or the safety or vital interests of others.
CROSS BORDER DATA TRANSFERS
We will only transfer your personal information outside of South Africa, in line with Section 72 of the POPI Act, if one of the following conditions is met:
- The country or organisation receiving your personal information has strong data protection laws or a binding agreement with us that guarantees protection equal to the standards of the POPI Act (including ensuring all subsequent recipients also protect your personal information);
- The transfer is necessary to enter into or perform a contract we have with you (e.g. where we provide you with a global Service);
- The transfer is necessary to enter into or perform a contract concluded in your interest between us and a third party;
- You have given us your clear content for the transfer.
YOUR RIGHTS
In South Africa, you have the following rights relating to your personal information, subject to the conditions under the POPI Act:
- The right to access your personal information. You have the right to request a confirmation of whether we hold your personal information and ask for a copy of the information we have about you.
- The right to rectification. You can ask us to correct, update, or complete any personal information we hold that may be inaccurate.
- The right to object to the processing of your personal information in certain circumstances (e.g. on reasonable grounds and if the responsible party does not have a strong legal reason to continue, or where your personal information is processed for direct marketing purposes).
- The risk to erasure. You can request that we delete or destroy your information if we no longer need it for the original purpose. Please note that we may need to retain some of your personal information if we reasonably require the record for lawful purposes related to our functions or activities.
- The right to withdraw consent. If we rely on your consent to process your personal information, you may withdraw that consent at any time with future effect.
- The right not to be subject to an automated decision. You have the right not to be subject to a decision based solely on automated processing if it significantly affects you.
- The right to lodge a complaint. You have the right to lodge a complaint with the South African Information Regulator.
You can exercise these rights by using the relevant contact details listed under the Section 27 (Lyra Affiliated Entities and Regional Enquiries).
26. SUPPLEMENTAL NOTICE FOR UNITED ARAB EMIRATES
SENSITIVE PERSONAL DATA
With your consent, and if you choose to provide it, we may collect sensitive personal information (such as sexual orientation, racial or ethnic origin, or religious belief information), such as in our intake forms and initial assessments, and in your communications to Lyra and its Providers.
We process this personal information , including disclosing this personal information to your selected Providers, solely for the purposes of facilitating your receipt of coaching services via our technological Services, in accordance with your explicit consent. You can withdraw your consent at any time with future effect.
LAWFUL BASES FOR PROCESSING
We rely on the following legal bases to process personal information of yours that does not qualify as sensitive personal information , as appropriate under the Federal Decree-Law No.45 of 2021 on the Protection of Personal Data (“PDPL”):
- According to your consent (“Consent Legal Basis”);
- Necessary for us to perform a contract with you or take steps at your request prior to entering into a contract (“Contract Performance Legal Basis”);
- Necessary for us to comply with an applicable legal obligation (“Legal Obligations Legal Basis”);
- If the processing is necessary to protect your interests (“Interest of the Data Subject Legal Basis”).
CROSS-BORDER DATA TRANSFERS
We will only transfer your personal information outside of the United Arab Emirates, in line with Section 23 of the PDPL, if one of the following conditions is met:
- The country or organisation receiving your personal information has strong data protection laws or a binding agreement with us that guarantees protection equal to the standards of the PDPL;
- The transfer is necessary to enter into or perform a contract we have with you (e.g. where we provide you with a global Service);
- The transfer is necessary to enter into or perform a contract concluded in your interest between us and a third party;
- You have given us your explicit content for the transfer.
YOUR RIGHTS
In the United Arab Emirates, you may have the following rights relating to your personal information , subject to the conditions under the PDPL and/or applicable local data protection law:
- Right to request access to personal information : You have the right to obtain from us confirmation as to whether your personal information is being processed, and, where that is the case, to request access to that personal information and details about how we process your personal information , including the categories of personal information processed, the purpose of the processing and the recipients or categories of recipients, the existence of automated decision-making, including profiling and you have the right to obtain copies of the personal information . However, this is not an absolute right and the interests of other individuals may restrict your right of access.
- Right to rectification: You have the right to obtain from us the rectification of inaccurate personal information concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal information completed, including by means of providing a supplementary statement.
- Right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
- Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, to the processing of your personal information by us. Moreover, if your personal information is processed for direct marketing purposes, you have the right to object at any time to the processing of personal information concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case, your personal information will no longer be processed for such purposes by us.
- Right to restriction of processing: In limited circumstances, you have the right to request restriction of processing of your personal information , in which case it would be marked and processed by us only for certain purposes.
- Right to data portability: You have the right to receive your personal information which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit the personal information to another entity without hindrance from us.
- Right to complain: You have the right to lodge a complaint with the UAE Data Office.
27. LYRA ENTITIES AND AFFILIATES
AFFILIATES
Please note that in some regions, Lyra relies on preferred partners to deliver the Services. These partners are not part of the Lyra group of companies, or otherwise controlled by Lyra and will be solely responsible and wholly accountable for the management of your personal information under the applicable laws of their respective countries.
LYRA ENTITIES
In all other cases, where your personal information is processed by a Lyra entity, we provide a non-exhaustive list of regional offices below which you can contact for data-related queries.
For the purpose of this section, the term “Data Controller” shall be interpreted to include, where applicable, any similar or equivalent concept under data protection laws, such as “Responsible Party” “Data Fiduciary” or “Business.”
| Group entity and address | Jurisdictions covered by the entity | Contact details for exercising your rights and other enquiries |
|---|---|---|
| Lyra Health, Inc. 270 E. Lane Burlingame, California 94010 |
United States, any other jurisdiction where individuals are using the Lyra Platform.
Lyra Health Inc. is the Data Controller of your personal information if you use the Lyra Platform, regardless of the jurisdiction you are located in. Please note that one of the local entities below can also be a Data Controller if you are using local services not supported by the Lyra Platform (e.g.local EAP, phone counselling). |
To send a request to exercise your rights, please use the link that applies to your location:
If you are located in the US: Please send your request here. If you are subject to the GDPR (or any other similar data protection law providing similar rights): Please send your request here. You can also contact us at [email protected]. |
| Lyra Health International Ltd
85 Gresham Street, London, England, EC2V 7NQ |
Any jurisdiction where individuals are using the Lyra Wellbeing Hub App.
Lyra Health International is the Data Controller of your personal information if you use the Lyra Wellbeing Hub App, regardless of the jurisdiction you are located in. Please note that one of the local entities below can also be a Data Controller if you are using local services not supported by the Lyra Wellbeing Hub App (e.g. local EAP, phone counselling). |
[email protected] |
| ICAS Belgium BV
Schuman Roundabout, 2-4 (level 6). 1040 Brussels. Belgium |
Belgium | [email protected] |
| Lyra Health Canada ULC
Suite 2300, Bentall 5, 550 Burrard Street, Vancouver BC V6C 2B5 Canada |
Canada | [email protected] |
| Lyra Health Hungary Kft
1062 Budapest, Andrássy út 132. fszt. 1 |
Hungary | [email protected] |
| Lyra Mental Health India
A/312, 3rd Floor, Ahura Centre, 82 Mahakali Caves Road, Andheri (East), Chakala Midc, Mumbai, Maharashtra, India, 400093 |
India | [email protected] |
| Lyra Health Malaysia Sdn Bhd
12th Floor, Menara Symphony, No. 5 Jalan Prof. Khoo Kay Kim, Seksyen 13, 46200 Petaling Jaya, Selangor Darul Ehsan, Malaysia |
Malaysia | [email protected] |
| Lyra Health International Ltd (DMCC) Branch
Unit No: 1JLT-Nook-060, One JLT, Plot No: DMCC-EZ1-1AB, Jumeirah Lakes Towers, Dubai, United Arab Emirates |
Algeria Bahrain Egypt Iraq Jordan Kuwait Lebanon Libya Mauritania Morocco Oman Pakistan Palestine Qatar Saudi Arabia Senegal Tunisia UAE Yemen |
[email protected] |
| Lyra Mexico and Central America S. de R.L. de C.V
Avenida Pennsylvania 109, Napoles, Alcaldía de Benito Juarez, Mexico City 03180, Mexico |
Mexico Costa Rica República Dominicana El Salvador Honduras Venezuela Panamá Guatemala Nicaragua |
[email protected] |
| Lyra Netherlands BV
Fokkerstraat 12 3833 LD Leusden The Netherlands |
Netherlands | [email protected] |
| Lyra Health Singapore Pte Ltd
1 Harbourfront Avenue Keppel Bay Tower #14-07 Singapore 098632 |
Singapore | [email protected] |
| Lyra Health Spain SLU
Calle Arroyofresno 19, 28035 Madrid |
Spain | [email protected] |
| Lyra Southern Africa Pty Ltd
5th Floor Sandton Gate Building, 7 Minerva Avenue, Glenadrienne, Gauteng 2196 South Africa |
South Africa
Please note we have a service called Lyra Global Connect in South Africa which purpose is to cover out of hours calls for other countries. If you call Global Connect, the personal information you will provide on the call may be processed by Lyra Southern Africa Pty Ltd as a Responsible Party. |
[email protected] |
| Lyra Schweiz GmBH
8304 Wallisellen, Hertistrasse 25, Switzerland |
Switzerland | [email protected] |
| Lyra France SASU
14 Avenue de l’Opéra 75001 Paris, France |
France | [email protected] |
| Lyra Deutschland GmbH
Taunustor 1, TaunusTurm 60310 Frankfurt/M |
Germany | [email protected] |
| Lyra Italy SRL
Via Vincenzo Monti no. 8, Milan, Italy |
Italy | [email protected] |
| Lyra International Luxembourg
10, rue Nicolas Adames L-1114 Luxembourg |
Luxembourg | [email protected] |
| ICAS Austria GmBH
1030 Wien, Hohlweggasse 13/14, Austria |
Austria | [email protected] |
| Lyra UK & Ireland Ltd
85 Gresham Street, London, England, EC2V 7NQ |
United Kingdom
Ireland |
[email protected] |