- Information We Collect, and How We Collect It
Information That You Provide
We collect information and personal information from you. The categories of information we collect can include:
- Registration information. We collect personally identifiable information (“PII”) that you provide when you register for an account with the Service, such as your name, email address, and password.
- Procedure information. If you are a patient, you will be able to provide information about medical procedures you will receive. This information may include the type of procedure, date of procedure, location of procedure, facility where the procedure will occur, and future procedures. Following the procedure, a patient also will be able to share additional information about the procedure.
- Supporters and Communications. If you are a patient, you will be able to provide information about people you would like to invite to be your supporters so that they can use the Service and have access to information and updates about you and your procedure. You will be able to provide your supporters’ email addresses or phone numbers. Supporters and patients using the Service can input and exchange personal communications, information, and photographs for both of them to read and review. Such communications can include, but are not limited to, information about when the patient will arrive home after discharge and if he/she wants to have visitors, information about the patient’s home address. We also collect the notification preferences you select for each of your supporters and the number of supporters you invite to use the Service.
- Inquiries and Feedback. If you contact us, we will collect the information that you provide us, such as your contact information and the contents of your communication with us.
Information from Third Parties
We also collect and receive information about you from third parties, including the following:
- Patients. If you are a supporter, information such as your email address or phone number will be provided by a patient. The patient may also provide information about you in their communications with you and their other supporters through the Service.
- Supporters. If you are a patient, supporters may provide information about you in their communications with you and your other supporters through the Service.
- Information from medical professionals. If you are a patient, we will receive information about you from your medical providers. For example, medical professionals may provide your name, email address, or phone number to the Service to help initiate an invitation for you to use the Service. If you receive an invitation and register for an account, medical professionals also will provide information about your present and future medical center or hospital admissions and medical procedures, such as the nature and date of the procedure(s), and your status and stage prior to, during, and after the procedure(s) (e.g., Scheduled, Check-In, Pre-Op, Surgery, Recovery, Discharge, and Exited), as well as the time entering and exiting each phase. In addition, your healthcare providers may send profile photographs as well as their names, email addresses and phone numbers and their Facility Administrators’ and/or Facility Supervisors’ names, email addresses and phone numbers and other facility and provider information.
Information That Is Automatically Collected (Cookies and Other Technologies)
We also automatically collect information about you and any computer or device you use to access the Service. Some of the information we collect, and ways we collect it, include:
- Log Files. We automatically record log file information each time you access the Service. This information may include information such as details about how you use the Service or features/functionalities of the Service, your requests, IP address, browser type and version, unique device identifiers, information about your device, referring / exit pages and URLs, domain names, landing pages, pages viewed, and other such information. We use log file information to administer the Service and we analyze (and may engage third parties to analyze) such information to improve, customize and enhance the Service by expanding their features and functionality and tailoring them to our users’ needs and preferences. We may use your IP address to generate aggregate, non-identifying information about how the Service is used.
- Clear Gifs. We may employ clear gifs (also known as web beacons or pixel tags) which may collect information about you, or your device such as your web request, IP address, unique device identifiers, browser type, information about your device, pages viewed, and information about cookies, all of which can show your Service usage patterns. Unlike cookies, which are stored on the user’s device, clear gifs are typically embedded invisibly on web pages (or in an email).
- Mobile Device Information. When you access the Service with a mobile device, we may collect and store a unique identifier associated with your device (including, for example, a UDID, Unique ID for Advertisers (“IDFA”), Google Ad ID, or Windows Advertising ID), push notification service subscription IDs, phone numbers, email addresses and email IDs, mobile carrier, device type, model and manufacturer, mobile device operating system brand and model, and information about your use of the Service.
- Location Information.
- Information Third Parties Collect
When you visit or use the Service, third parties may obtain information about you or your device. These third parties may include:
- Service Providers. We may use service providers to help us with the Service or any other lawful activity, including the other activities we describe under this Policy. This means service providers may collect, process, and store any of the information that we may collect under the Policy, and information collected in connection with the Service may be collected directly by our service providers. For example, we may use service providers to help us host or provide the Service, or store data and information collected in connection with the Service. Service providers are expressly obligated not to disclose or use your PII for any other purpose.
- Third Party Analytics Tracking. We may permit third party services to collect information about you, your computer or device when you visit or use the Service. This information may be collected automatically, and may include the information and methods described the “Information That Is Automatically Collected (Cookies and Other Technologies)” section above. These third parties may collect information about your use of the Service over time, and they may combine it with other information that they possess or obtain about you, such as about your use of other websites and services. These third parties may use this information for our or for third party purposes, including for analytics and other commercial purposes. For information about choices that you may have about this information collection and use, see the “Your Choices” Section below.
- How We Use Information
We collect, use, process, combine, retain and store personal information that we collect or receive for a variety of purposes, including the following:
- For our business activities, including to operate the Service and provide you with the Service features and functionalities, to maintain your Service account, and improve the Service;
- To communicate with you and respond to your requests, such as to respond to your questions, and to contact you about changes to the Service or account-related matters;
- For analytics and research purposes;
- To comply with contractual and legal obligations and requirements;
- To fulfill any other purpose for which you provide personal information; and
- For any other lawful purpose, or other purpose that you consent to.
- Sharing of Information
We also transmit, disclose, grant access to, make available, and provide PII to third parties, including:
- To service providers, subcontractors, partners, vendors, consultants, and others that help us with any of the purposes noted above or otherwise in this Policy, including, but not limited to, developers, hosts, customer support, email server providers, SMS providers and push notification vendors;
- To our affiliates, parent companies, subsidiaries, and other related companies, all for the purposes noted above or otherwise in this Policy;
- To third parties to respond or comply with, in our sole discretion, a court order, subpoena, law enforcement or other government request (with or without notice to you, in our discretion);
- To buyers, successors, or others in connection with a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which PII held by us may be among the assets transferred;
- To other third parties you designate with your consent or upon your consent, including, but not limited to, those you designate through the Service to receive information about your status such as supporters (who may receive information about current and future procedures); and
- Information Access and Correction
If you have registered for an account with the Service, we may provide you with the ability to access, review and change certain personal information by logging into the Service, visiting your account page, and using the features and functionalities available there.
Not all personal information is maintained in a format that you can access or change. If you would like to request access to, or correction or deletion of personal information, you may send your request to us at email@example.com. We will review your request, and may require you to provide additional information to identify yourself, but we do not promise that we will be able to satisfy your request. For example, the personal information may already have been relied or acted upon, or disclosed to third parties, and we generally do not take steps (or have the ability to take steps) to undo prior reliance or actions. We also may not accommodate a request to change information if we believe the change would violate any law or legal requirement, cause the information to be incorrect, or if doing so would be burdensome in our discretion.
We also offer the following options for patients who use the Service:
- When you log into the Service, you may modify supporters who receive information about you and control how your information is shared. You can change the sharing preferences for supporters at any time.
- Within the Service you can see supporters who are pending registration, see what email or phone number supporters use for registration, and can delete supporters after they have registered.
- You can stop the collection of information by the Service by deleting your account which will prevent supporters from continuing to use the Service to access information in the Newsfeed, Progress Bar, or Group Messaging features of the Service. You may also choose to delete specific procedures while keeping your account, which will prevent supporters from continuing to use the Service to access the information for that procedure.
- Your Choices
We strive to give you choices about how your personal information is used. Some of the choices we provide include the following:
- Sharing with supporters. If you would like to stop sharing information with your supporters, you can delete that supporter from your registered supporter network. You can also use the Service features and functionalities to limit the types of information about your procedure(s) that particular supporters can have access to by adjusting the sharing preferences at any time under Manage Contacts. The preferences are set at invitation but may be changed afterwards too by visiting Manage Contacts.
- Notifications to supporters. You may turn on text message or email updates about patients under the Account page after you have registered by email. If you are a supporter and are receiving text message or email updates about a patient, you can change your preferences for receiving such messages or emails by turning on/off settings in the Account screen off the Menu.
- Do Not Track Preferences
While we want to honor your privacy as described in this Policy, unfortunately the Service does not monitor for or behave differently if your device transmits a “do not track” or similar message to us or the Service.
- Data Protection
We take commercially reasonable steps to help protect all PII that we collect, but we do not guarantee that personal information will be completely protected. For example, the transmission of information via the Internet is not completely secure. Your use of the Service, and the transmissions of personal information by you or about you (e.g., from a patient if you are a supporter, from supporters if you are a patient, or from medical professionals if you are a patient) is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Service, including the illegal acts of third parties (such as criminal hacking).
The safety and security of your information also depends on you. For example, you should keep your Service account password confidential, and you should not share it with others. Also, after logging into the Service, you should log out when you are done using the Service. If you believe that any account credentials for the Service have been compromised, please contact us immediately at firstname.lastname@example.org.
If you have a patient account, you should also use care when inviting supporters to use the Service and to receive information about your procedure(s). For example, you should double check that you have the correct phone number or email address that you provide to send an invitation to them, and you may want to confirm with them that they have received it. If you send an invitation to the wrong phone number or email address, you should contact us at email@example.com.
While our platform is secure, the emails and text messages sent by the Service are not encrypted, so the status and location information contained in those communications could potentially be intercepted by an unauthorized third party. We recommend you and your supporters use more secure email platforms such as Google, Apple or Microsoft to reduce the risk of interception.
- Data Retention
We tend to keep personal information for as long as we deem necessary for our business purposes, or as otherwise required to operate the Service, comply with your requests, or comply with applicable law.
- Information from Children
The Service is not directed to children under the age of 13, and we do not knowingly collect PII from children under the age of 13. If you are a parent or guardian of a child under the age of 13, and believe that your child may have provided us with personal information, please contact us at firstname.lastname@example.org, and we will use commercially reasonable efforts to delete that information.
- Third Party Websites
The Service may provide links to third party websites and online services. This Policy does not describe the privacy practices of those websites or services. Please review the privacy policies of those websites or services before providing personal information to them.
- Updates to This Policy
- Contacting Us
If you have questions about this Policy or our privacy practices, please contact us at email@example.com or you may call 415-528-2555.
- Last Revision Date
This Policy was last revised on October 17, 2016.