At MyHealthID, Inc. ("MyHealthID," "we," or "us"), our most important value is ‘Patients
First', which
means that we are committed to protecting your privacy and we take great care with your personal information
that we
gather when you access or use MyHealthID.com and related websites, applications, and services owned
and operated
by MyHealthID and that link to this Privacy Policy (collectively, the "Services"). This Privacy
Policy is meant
to help consumers that use our Services to explore providers or book appointments ("Consumers") and
providers and health
systems that use our marketing services ("Clients," and collectively with Consumers, "you," or
"your")understand how we
treat your personal information. BY USING OR ACCESSING THE SERVICES IN ANY MANNER, YOU ACKNOWLEDGE THAT YOU
ACCEPT THE
PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY POLICY, AND YOU HEREBY CONSENT THAT WE WILL COLLECT, USE,
AND SHARE YOUR
INFORMATION IN THE FOLLOWING WAYS. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, YOU MAY NOT USE THE
SERVICES. IF YOU
USE THE SERVICES ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR CHILD) OR AN ENTITY (SUCH AS YOUR EMPLOYER), YOU
REPRESENT THAT
YOU ARE AUTHORIZED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT THIS PRIVACY POLICY ON SUCH INDIVIDUAL'S OR
ENTITY'S BEHALF. A
Consumer's use of MyHealthID's Services is at all times subject to the Agreement (as the term
"Agreement" is
defined in our Terms of Use, which incorporates this Privacy Policy).You may print a copy of this Privacy
Policy by
clicking here. You can also learn more at MyHealthID.com/trust.Thank you so much for choosing
MyHealthID.
Personal Data
The following subsections detail the categories of Personal Data that we collect and have collected over
the past
twelve
(12) months. "Personal Data" means any information that identifies or relates to a particular individual
and also
includes information referred to as "personally identifiable information" or "personal information"
under applicable
data privacy laws, rules or regulations. For each category of Personal Data, these subsections also set
out the
source
of that Personal Data, our commercial or business purpose for collecting that Personal Data and the
categories of
third
parties with whom we share that Personal Data.More information regarding those sources and categories
are set forth
below.
Consumer Personal Data
THE FOLLOWING SUBSECTIONS APPLY ONLY TO CONSUMERS. IF YOU ARE A CLIENT, PLEASE SEE THE CLIENT PERSONAL
DATA SECTION
BELOW.
Categories of Personal Data We Collect
- Payment Information
- Examples of Personal Data Collected:
- Payment card type
- Last four digits of payment card
- Billing contact
- Billing email
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Device/IP Information
- Examples of Personal Data Collected:
- IP address
- Device ID
- Domain server
- Type of device/operating system/browser used to access the Services
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Third-Party Business Partners You Access Through the Services
- Web Analytics
- Examples of Personal Data Collected:
- Web page interactions
- Referring webpage/source through which you access the Services
- Non-identifiable request IDs
- Statistics associated with the interaction between device or browser and the Services
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Third-Party Business Partners You Access Through the Services
- Geolocation Data
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Third-Party Business Partners You Access Through the Services
- Other Identifying Information That You Voluntarily Choose to Provide
- Examples of Personal Data Collected:
- Unique identifiers such as passwords
- Personal Data in emails or letters you send to us
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Consumer Contact Data
- Examples of Personal Data Collected:
- First and last name
- E-mail
- Phone number
- Mailing address
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Healthcare Providers
- Insurance Providers
- Health Information Exchanges
- Parties You Authorize, Access or Authenticate
- Consumer Demographic Data
- Examples of Personal Data Collected:
- Gender
- Age
- Date of birth
- Zip code
- Race
- Ethnicity
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Healthcare Providers
- Insurance Providers
- Health Information Exchanges
- Parties You Authorize, Access or Authenticate
- Medical Data
- Examples of Personal Data Collected:
- Health conditions
- Healthcare Providers visited
- Reasons for visit
- Dates of visit
- Medical history and health information you provide us
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Healthcare Providers
- Insurance Providers
- Health Information Exchanges
- Parties You Authorize, Access or Authenticate
- Insurance Information
- Examples of Personal Data Collected:
- Insurance carrier
- Insurance plan
- Member ID
- Group ID
- Payer ID
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Healthcare Providers
- Insurance Providers
- Health Information Exchanges
- Parties You Authorize, Access or Authenticate
- Booking Appointment Data
- Examples of Personal Data Collected:
- Appointment date/time
- Provider information
- Appointment procedure
- Whether or not user is a new patient for a particular provider
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Healthcare Providers
- Health Information Exchanges
- Social Network Data
- Examples of Personal Data Collected:
- E-mail
- Phone number
- Username
- IP address
- Device ID
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Healthcare Providers
- Health Information Exchanges
Categories of Sources of Personal Data
- You
- When You Provide Information Directly to Us
-
When you create an account or use our interactive tools and services, such as searching for
Healthcare
Providers or
available appointments with Healthcare Providers and completing Medical History Forms prior to
Healthcare
Provider
appointments.
-
When you voluntarily provide information in free-form text boxes through the Services or through
responses
to surveys
and questionnaires, or post reviews.
When you send us an email or otherwise contact us.
- When Personal Data is Automatically Collected When You Use the Services
- Through Cookies (defined below).
-
If you download and install certain applications and software we make available, we may receive
and collect
information
transmitted from your computing device for the purpose of providing you the relevant Services,
such as
information
regarding when you are logged on and available to receive updates or alert notices.
-
If you download our mobile application or use a location-enabled browser, we may receive
information about
your location
and mobile device, as applicable.
- Third Parties
- Service Providers
-
We may use analytics service providers to analyze how you interact and engage with the
Services, or
third parties may
help us provide you with customer support.
- We may use service providers to obtain information to generate leads and create user
profiles.
- Advertising Partners
-
We receive information about you from some of our service providers who assist us with
marketing or
promotional services
related to how you interact with our websites, applications, products, services,
advertisements or
communications.
- Healthcare Providers
We may receive certain data from your Healthcare Provider or Clients to facilitate Consumer booking
of
appointments.
- Social Networks
-
If you provide your social network account credentials to us or otherwise sign in to the
Services
through a
third-party
site or service, you understand some content and/or information in those accounts may be
transmitted
into your
account
with us.
Commercial or Business Purposes for Collecting Data
- Providing, Customizing, and Improving the Services
- Creating and managing your account or other user profiles, billing.
- Providing you with the products, services and information you request.
- Meeting or fulfilling the reason you provided the information to us.
- Providing support and assistance for the Services.
- Improving the Services, including testing, research, internal analytics, and product
development.
- Personalizing the Services, website content and communications based on your preferences.
- Fraud protection, security and debugging.
- Marketing the Services
- Marketing and selling the Services.
- Showing you advertisements, including interest-based or online behavioral advertising.
- Corresponding with You
-
Responding to correspondence that we receive from you, contacting you when necessary or
requested, including
to
remind
you of an upcoming appointment, and sending you information about MyHealthID or the
Services.
-
Sending emails and other communications that display content that we think will interest you and
according
to your
preferences including notifying you about certain resources, Healthcare Providers or services.
- Legal Requirements
-
Fulfilling our legal obligations under applicable law, regulation, court order or other legal
process, such
as
preventing, detecting and investigating security incidents and potentially illegal or prohibited
activities.
- Protecting the rights, property or safety of you, MyHealthID or another party.
- Enforcing any agreements with you.
- Responding to claims that any posting or other content violates third-party rights.
- Resolving disputes.
How We Share Your Personal Data
In certain circumstances, we may share your Personal Data with the following categories of service
providers and
other
third parties for the indicated business purposes:
- Service Providers
Selected Recipients
- Ad Networks
- Ad customizing and serving.
-
Auditing related to a current interaction and concurrent transactions, including, but not
limited to,
counting ad
impressions to unique visitors, verifying positioning and quality of ad impressions, and
auditing compliance
with
this
specification and other standards.
- Health Information Exchanges
Health Information Exchanges and related organizations that collect and organize Consumer
information (such
as
Regional
Health Information Organizations) to make your information more securely and easily accessible
to your
Healthcare
Providers. The goal of such organizations is to facilitate access to health information to
improve the
safety,
quality,
and efficiency of patient-centered care. More information on Health Information Exchanges can be
found here.
- Healthcare Providers
-
Healthcare Providers with whom Consumers choose to schedule through the Services. For example,
if you
complete a
Medical
History Form using the Services in advance of an appointment and elect to share it with your
selected
Healthcare
Provider.
-
If you choose to use the applicable Services, Healthcare Providers to enable them to refer you
to and make
appointments
with other Healthcare Providers on your behalf or to perform analyses on potential health issues
or
treatments.
- In the event of an emergency.
- Insurance Providers
-
To determine eligibility and cost-sharing obligations, and to otherwise obtain benefit plan
information on
your
behalf.
- Parties You Authorize, Access or Authenticate
- Third-Party Business Partners You Access Through the Services
- We will share certain Personal Data if you choose to use any service to log in to the
Services.
- To meet or fulfill the reason you provided the information to us.
- Other Users
-
Any information that you may reveal in a review posting or online discussion or forum is
intentionally
open to the
public and is not in any way private. We recommend that you carefully consider whether to
disclose any
Personal Data
in
any public posting or forum. What you have written may be seen and/or collected by third
parties and may
be used by
others in ways we are unable to control or predict. You can learn more about our reviews
process at
MyHealthID.com/verifiedreviews.
Client Personal Data
THE FOLLOWING SUBSECTIONS APPLY ONLY TO CLIENTS. IF YOU ARE A CONSUMER, PLEASE SEE THE CONSUMER PERSONAL
DATA
SECTION ABOVE.
Categories of Personal Data We Collect
- Payment Information
- Examples of Personal Data Collected:
Payment card type
Last four digits of payment card
Billing contact
Billing email
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Device/IP Information
- Examples of Personal Data Collected:
- IP address
- Device ID
- Domain server
- Type of device/operating system/browser used to access the Services
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Third-Party Business Partners You Access Through the Services
- Web Analytics
- Examples of Personal Data Collected:
- Web page interactions
- Referring webpage/source through which you access the Services
- on-identifiable request IDs
- Statistics associated with the interaction between device or browser and the Services
- Source:
- Geolocation Data
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Ad Networks
- Third-Party Business Partners You Access Through the Services
- Other Identifying Information That You Voluntarily Choose to Provide
- Examples of Personal Data Collected:
- Unique identifiers such as passwords
- Personal Data in emails or letters you send to us
- Personal information that you disclose over the phone
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Client Contact Data
- Examples of Personal Data Collected:
- First and last name
- E-mail
- Phone number
- Mailing address
- Source:
- Third Parties with Whom We Share Data for Business Purposes:
- Service Providers
- Healthcare Providers
- Health Information Exchanges
Categories of Sources of Personal Data
- You
- When you create an account.
- When you send us an email or otherwise contact us.
- When Personal Data is Automatically Collected When You Use the Services
- Through Cookies (defined below).
- If you download and install certain applications and software we make available, we may receive
and collect
information transmitted from your computing device for the purpose of providing you the relevant
Services,
such as information regarding when you are logged on and available to receive updates or alert
notices.
- If you download our mobile application or use a location-enabled browser, we may receive
information about
your location and mobile device, as applicable.
- Third Parties
- Service Providers
- We may use analytics service providers to analyze how you interact and engage with the
Services, or
third parties may help us provide you with customer support.
- We may use service providers to obtain information to generate leads and create user
profiles.
- Advertising Partners
- We receive information about you from some of our service providers who assist us with
marketing or
promotional services related to how you interact with our websites, applications, products,
services,
advertisements or communications.
- Government or Public records
- We may use government or other public records for onboarding or verifying Clients
Commercial or Business Purposes for Collecting Data
- Providing, Customizing, and Improving the Services
- Creating and managing your account or other user profiles, billing.
- Providing you with the products, services and information you request.
- Meeting or fulfilling the reason you provided the information to us.
- Providing support and assistance for the Services.
- Improving the Services, including testing, research, internal analytics, and product
development.
- Personalizing the Services, website content and communications based on your preferences.
- Fraud protection, security and debugging.
- Marketing the Services
- Marketing and selling the Services.
- Showing you advertisements, including interest-based or online behavioral advertising.
- Corresponding with You
- Responding to correspondence that we receive from you, contacting you when necessary or
requested,
including to remind you of an upcoming appointment, and sending you information about
MyHealthID or
the Services.
- Sending emails and other communications that display content that we think will interest you and
according
to your preferences including notifying you about certain resources, Healthcare Providers or
services.
- Legal Requirements
- Fulfilling our legal obligations under applicable law, regulation, court order or other legal
process, such
as preventing, detecting and investigating security incidents and potentially illegal or
prohibited
activities.
- Protecting the rights, property or safety of you, MyHealthID or another party.
- Enforcing any agreements with you.
- Responding to claims that any posting or other content violates third-party rights.
- Resolving disputes.
- Onboarding Verification
- Confirming providers have necessary credentials to practice in the state where advertised.
How We Share Your Personal Data
In certain circumstances, we may share your Personal Data with the following categories of service
providers and
other third parties for the indicated business purposes:
- Service Providers
- Payment Processors
- Our payment processing partner (currently Stripe, Inc. ("Stripe")) collects your voluntarily
provided
payment card information necessary to process your payment.
- Please see Stripe's terms of service and privacy policy for information on its use and
storage of
personal data.
- Security and Fraud Prevention Consultants
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or
illegal activity,
and prosecuting those responsible for that activity.
- Hosting, Technology and Communications Providers; Fulfillment Providers; Data Storage Providers;
Analytics
Providers; Insurance Verification Providers; Staff Augmentation Personnel
- To perform operational services (such as hosting, billing, fulfillment, data storage,
security,
insurance verification, web service analytics) and/or make certain services, features or
functionality
available to our users.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use of Personal Data that is not used by another party to build a
consumer profile
or otherwise alter your consumer experience outside the current interaction.
- Performing services on our behalf, including maintaining or servicing accounts, providing
customer
service, processing or fulfilling orders and transactions, verifying customer information,
processing
payments, providing financing, providing advertising or marketing services, providing
analytic services,
or providing similar services on behalf of the business or service provider.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of our services.
- Selected Recipients
- Ad Networks
- Ad customizing and serving.
-
Auditing related to a current interaction and concurrent transactions, including, but
not limited
to, counting ad impressions to unique visitors, verifying positioning and quality of ad
impressions,
and auditing compliance with this specification and other standards.
- Health Information Exchanges
- Health Information Exchanges and related organizations that collect and organize
Consumer
information (such as Regional Health Information Organizations) to make your information
more
securely and easily accessible to your Healthcare Providers. The goal of such
organizations is to
facilitate access to health information to improve the safety, quality, and efficiency
of
patient-centered care. More information on Health Information Exchanges can be found
here.
- Parties You Authorize, Access or Authenticate
- Third-Party Business Partners You Access Through the Services
- We will share certain Personal Data if you choose to use any service to log in to the
Services.
- To meet or fulfill the reason you provided the information to us.
THE FOLLOWING SECTIONS APPLY TO BOTH CONSUMERS AND CLIENTS.
Business Transfers
All Personal Data may be transferred to a third party if we undergo a merger, acquisition,
bankruptcy or other
transaction in which that third party assumes control of our business (in whole or in part). Should
one of these
events occur, we will make reasonable efforts to notify you before your information becomes subject
to different
privacy
and security policies and practices.
Tracking Tools, Advertising and Opt-Out
The following sections provide additional information about how we collect your Personal Data.
Information Collected Automatically
The Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs,
mobile
identifiers,
and
JavaScript (collectively, "Cookies") to enable our servers to recognize your web browser and tell us
how and
when
you
visit and use our Services. We do this to analyze trends, learn about and advertise to our user
base, and
operate
and
improve our Services. For example, we use Cookies to tailor the Services or customize advertisements
by tracking
navigation habits, measuring performance, storing authentication status so re-entering credentials
is not
required,
customizing user experiences with the Services and for analytics and fraud prevention. Cookies are
small pieces
of
data–
usually text files – placed on your computer, tablet, phone, or similar device when you use that
device to visit
our
Services. We may also supplement the information we collect from you with information received from
third
parties,
including third parties that have placed their own Cookies on your device(s).
We use the following types of Cookies:
- Essential Cookies. Essential Cookies are required for providing you with features or services
that you have
requested.For example, certain Cookies enable you to log into the secure areas of our Services.
Disabling
these Cookies may make certain features and services unavailable.
-
Functional Cookies. Functional Cookies are used to record your choices and settings regarding
our Services,
maintain
your preferences over time and recognize you when you return to our Services. These Cookies help
us to
personalize
our content for you, greet you by name, and remember your preferences (for example, your choice
of language
or
region).
-
Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how
visitors use our
Services
such as by collecting information about the number of visitors to the Services, what pages
visitors view on
our
Services,
how long visitors are viewing pages on the Services, mouse clicks, mouse movements, scrolling
activity, and
text
typed
into the Services. Performance/Analytical Cookies also help us measure the performance of our
advertising
campaigns
in
order to help us improve our campaigns and the Services' content for those who engage with our
advertising.
For
example,
Google Inc. ("Google") uses cookies in connection with its Google Analytics services. Google's
ability to
use and
share information collected by Google Analytics about your visits to the Services is subject to
the Google
Analytics
Terms
of Use and the Google Privacy Policy. You have the option to opt-out of Google's use of cookies
by visiting
the
Google
advertising opt-out page at www.google.com/privacy_ads.html or the Google Analytics Opt-out
Browser Add-on
at
https://tools.google.com/dlpage/gaoptout/.
-
Retargeting/Advertising Cookies. Retargeting/Advertising Cookies collect data about your online
activity and
identify
your interests so that we can provide advertising that we believe is relevant to you. For more
information
about
this,
please see the section below titled "Information about Interest-Based Advertisements."
-
Web Beacons. Web Beacons (e.g., clear GIFs or pixel tags) are tiny graphic image files embedded
in a web
page or
email
that may be used to collect information about the use of our Services, the web services of
selected
advertisers and
the
emails, special promotions or newsletters that we send. The information collected by Web Beacons
allows us
to
analyze
how many people are using the Services, using selected publishers' web services or opening
emails, and for
what
purpose,
and also allows us to enhance our interest-based advertising (discussed further below).
-
Mobile Device Identifiers. Mobile device identifiers help MyHealthID learn more about
our users'
demographics
and internet behaviors. Mobile device identifiers are data stored on mobile devices that may
track mobile
device and
data and activities occurring on and through it, as well as the applications installed on
it.Mobile device
identifiers
enable collection of Personal Data (such as media access control, address and location, and
tracking data,
including
without limitation IP address, domain server, type of device(s) used to access the Services, web
browser(s)
used to
access the Services, referring webpage or other source through which you accessed the Services,
other
statistics and
information associated with the interaction between your browser or device and the Services).
- Cross Device Matching. To determine if users have interacted with content across multiple
devices and to
match such devices, we may work with partners who analyze device activity data and/or rely on
your
information (including demographic, geographic and interest-based data). To supplement this
analysis, we may
also provide de-identified data to these partners. Based on this data, we may then display
targeted
advertisements across devices that we believe are associated or use this data to further analyze
usage of
Services across devices.
You can decide whether or not to accept Cookies through your internet browser's settings. Most
browsers have an
option for turning off the Cookie feature, which will prevent your browser from accepting new
Cookies, as well
as (depending on your browser software) allow you to decide on acceptance of each new Cookie in a
variety of
ways. You may also be able to reject mobile device identifiers by activating the appropriate setting
on your
mobile device. You can also delete all Cookies that are already on your computer. Although you are
not required
to accept Pverfiy's Cookies, if you block, reject, or delete them, you may have to manually adjust
some
preferences every time you visit a site and some of the Services and functionalities may not work.
To explore what Cookie settings are available to you, look in the "preferences" or "options" section
of your
browser's menu. To find out more information about Cookies, including information about how to
manage and delete
Cookies, please visit http://www.allaboutcookies.org/.
Your browser may offer you a "Do Not Track" option, which allows you to signal to operators of
websites and web
applications and services that you do not wish such operators to track certain of your online
activities over
time and across different websites. Not all browsers offer a Do Not Track option and there is
currently no
industry consensus as to what constitutes a Do Not Track signal. Please note that, for these reasons
and because
of our use of Cookies, our Services, like many website operators, do not support "Do Not Track"
requests sent
from a browser at this time. To find out more about "Do Not Track," you can visit
www.allaboutdnt.com.
Information about Interest-Based Advertisements:
We may serve advertisements, and also allow third-party ad networks, including third-party ad
servers, ad
agencies, ad technology vendors and research firms, to serve advertisements through the Services.
These
advertisements may be targeted to users who fit certain general profile categories or display
certain
preferences or behaviors ("Interest-Based Ads"). Information for Interest-Based Ads (including
Personal Data)
may be provided to us by you, or derived or inferred from the online activity or usage patterns of
particular
users on the Services and/or services of third parties. Such information may include IP address,
mobile device
ID, operating system, browser, web page interactions, geographic location and demographic
information, such as
gender and age range. Such information may be gathered through tracking users' activities across
time and
unaffiliated properties, including when you leave the Services. To accomplish this, we or our
service providers
may deliver Cookies, including Web Beacons, from an ad network to you through the Services. Web
Beacons allow ad
networks to provide anonymized, aggregated auditing, research and reporting for us and for
advertisers. This
information helps MyHealthID learn more about our users' demographics and internet
behaviors. Web
Beacons also
enable ad networks to serve targeted advertisements to you when you visit other websites. Web
Beacons allow ad
networks to view, edit or set their own Cookies on your browser, just as if you had requested a web
page from
their site.
We comply with the Digital Advertising Alliance ("DAA") Self-Regulatory Principles for Online
Behavioral
Advertising. Through the DAA and Network Advertising Initiative ("NAI"), several media and marketing
associations have developed an industry self-regulatory program to give consumers a better
understanding of, and
greater control over, ads that are customized based a consumer's online behavior across different
websites and
properties. To make choices about Interest-Based Ads from participating third parties, including to
opt-out of
receiving behaviorally targeted advertisements from participating organizations, please visit the
DAA's or NAI's
consumer opt-out pages, which are located at http://www.networkadvertising.org/choices/ or
www.aboutads.info/choices, or install the DAA's AppChoice app (for iOS; for Android) on your mobile
computing
device. When you use these opt-out features, an "opt-out" Cookie will be placed on your computer,
tablet or
mobile computing device indicating that you do not want to receive Interest-Based Ads from NAI or
DAA member
companies. If you delete Cookies on your computer, tablet or mobile computing device, you may need
to opt out
again. For information about how to opt out of Interest-Based Ads on mobile devices, please visit
http://www.applicationprivacy.org/expressing-your-behavioral-advertising-choices-on-a-mobile-device.
You will
need to opt out of each browser and device for which you desire to apply these opt-out features.
Please note that even after opting out of Interest-Based Ads, you may still see MyHealthID
advertisements
that are
not interest-based (i.e., not targeted toward you). Also, opting out does not mean that
MyHealthID is no
longer
using tracking tools — MyHealthID still may collect information about your use of the
Services even
after you have
opted out of Interest-Based Ads and may still serve advertisements to you via the Services based on
information
collected via the Services.
Data Security and Retention
The security of your Personal Data is important to us. We seek to protect your Personal Data from
unauthorized
access, use and disclosure using appropriate physical, technical, organizational and administrative
security
measures based on the type of Personal Data and how we are processing that data. We endeavor to
follow generally
accepted industry standards to protect the Personal Data submitted to us, both during transmission
and in
storage. For example, the Services use industry standard Secure Sockets Layer (SSL) technology to
allow for the
encryption of Personal Data. We store and process your information on our servers in the United
States and
abroad. We maintain what we consider industry standard backup and archival systems. You should also
help protect
your data by appropriately selecting and protecting your password and/or other sign-on mechanism;
limiting
access to your computer or device and browser; and signing off after you have finished accessing
your account.
Although we work to protect the security of your account and other data that we hold in our records,
for
example, by making good faith efforts to store Personal Data in a secure operating environment that
is not open
to the public, please be aware that no method of transmitting data over the Internet or storing data
is
completely secure. We cannot and do not guarantee the complete security of any data you share with
us, and
except as expressly required by law, we are not responsible for the theft, destruction, loss or
inadvertent
disclosure of your information or content.
If at any time during or after our relationship we believe that the security of your Personal Data
may have been
compromised, we may seek to notify you of that development. If a notification is appropriate, we
will endeavor
to notify you as promptly as possible under the circumstances. If we have your e-mail address, we
may notify you
by e-mail to the most recent e-mail address you have provided us in your account profile. Please
keep your
e-mail address in your account up to date. You can update that e-mail address anytime in your
account profile.
If you receive a notice from us, you can print it to retain a copy of it. To receive these notices,
you must
check your e-mail account using your computer or mobile device and email application software. You
consent to
our use of e-mail as a means of such notification. If you prefer for us to use the U.S. Postal
Service to notify
you in this situation, please e-mail us at Privacy-@.com. Please include your address when
you
submit your request. You can make this election any time, and it will apply to notifications we make
after a
reasonable time thereafter for us to process your request. You may also use this e-mail address to
request a
print copy, at no charge, of an electronic notice we have sent to you regarding a compromise of your
Personal
Data.
We retain Personal Data about you consistent with all internal policies and procedures. We may retain
Personal
Data to comply with our legal obligations, resolve disputes or collect fees owed, or as is otherwise
permitted
or required by our data retention policies and procedures.
Children's Privacy
The Services are not directed to or intended for use by children under 13 years of age. If you are a
child under
the age of 13, please do not attempt to register for or otherwise use the Services or send us any
Personal Data.
By accessing, using and/or submitting information to or through the Services, you represent that you
are not
under the age of 13. As noted in the Terms of Use, we do not knowingly collect or solicit Personal
Data from
children under the age of 13. If we learn that we have received any Personal Data directly from a
child under
age 13 without first receiving his or her parent's verified consent, we will use that Personal Data
only to
respond directly to that child (or his or her parent or legal guardian) to inform the child that he
or she
cannot use the Services. We will then subsequently delete that child's Personal Data. If you believe
that a
child under 13 may have provided us with Personal Data, please contact us at Privacy@.com.
If you are between age thirteen (13) and the age of majority in your place of residence, you may use
the Services
only with the consent of or under the supervision of your parent or legal guardian. If you are a
parent or legal
guardian of a minor child, you may, in compliance with the Agreement, use the Services on behalf of
such minor
child. Any information that you provide us while using the Services on behalf of your minor child
will be
treated as Personal Data as otherwise provided herein.
If you use the Services on behalf of another person, regardless of age, you agree that
MyHealthID may
contact you for
any communication made in connection with providing the Services or any legally required
communications. You
further agree to forward or share any such communication with any person for whom you are using the
Services on
behalf.
How We Use Information That is Neither Personal Data nor PHI
We may use information that is neither Personal Data nor PHI (including non-PHI Personal Data that
has been
de-identified and/or aggregated) to better understand who uses myHealthID and how we can
deliver a
better digital healthcare experience, or otherwise at our discretion.
Controlling Your Personal Data & Notifications
If you are a registered user of the Services, you can modify certain Personal Data or account
information by
logging in and accessing your account. If you wish to close your account, please email us at
Privacy@
MyHealthID.com. MyHealthID will use reasonable efforts to delete your account as soon as
reasonably
possible. Please note, however, that MyHealthID reserves the right to retain information
from closed
accounts consistent with all internal data retention policies and procedures.
You must promptly notify us if any of your account data is lost, stolen or used without permission.
California Rights
The California Consumer Privacy Act of 2018 ("CCPA") provides California residents with specific
rights regarding
their personal information. This section describes your CCPA rights and explains how to exercise
those rights.
If you have any questions about this section or whether any of the following applies to you, please
contact us
at Consumer-Privacy@MyHealthID.com and indicate "California Rights" in the subject line of
your
communication.
Access
You have the right to request certain information about our collection and use of your Personal Data
over the
past 12 months, including the following:
If we have disclosed your Personal Data for a business purpose over the past 12 months, we will
identify the
categories of Personal Data shared with each category of third-party recipient.
pIf we have sold your Personal Data over the past 12 months, we will identify the categories of Personal
Data
purchased by each category of third-party recipient.
Deletion
You have the right to request that we delete the Personal Data that we have collected from you. Under
the CCPA,
this right is subject to certain exceptions: for example, we may need to retain your Personal Data
to provide
you with the Services or complete a transaction or other action you have requested. If your deletion
request is
subject to one of these exceptions, we may deny your deletion request.
Exercising Your Rights
To exercise the rights described above, you must send us a request that (1) provides sufficient
information to
allow us to verify that you are the person about whom we have collected Personal Data, and (2)
describes your
request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request
that meets
both of these criteria will be considered a "Valid Request." We may not respond to requests that do
not meet
these criteria. We will only use Personal Data provided in a Valid Request to verify you and
complete your
request. You do not need an account to submit a Valid Request.
We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee
for making
a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If
we determine
that your Valid Request warrants a fee, we will notify you of the fee and explain that decision
before
completing your request.
You may submit a Valid Request using the following methods:
- Submitting a request by following the instructions found at https://www.
MyHealthID.com/privacy-settings
- Emailing us at: Consumer-Privacy@MyHealthID.com
Personal Data Sales Opt-Out
In this section, we use the term ‘sell' as it is defined in the CCPA. We sell your Personal Data,
subject to your
right to opt-out of these sales.
We sell your Personal Data to the following categories of third parties:
Over the past twelve months, we have sold the following categories of your Personal Data to third
parties:
- Demographic Data
- Web analytics or other similar network activity information
You have the right to opt-out of the sale of your Personal Data. You can opt-out using the following
methods:
- Submitting a request by following the instructions found at https://www.
MyHealthID.com/privacy-settings
- Emailing us at: Consumer-Privacy@MyHealthID.com
We do not sell the Personal Data of minors under 16 years of age without affirmative authorization
We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA
We will not discriminate against you for exercising your rights under the CCPA. We will not deny you
our goods or
services, charge you different prices or rates, or provide you a lower quality of goods and services
if you
exercise your rights under the CCPA. However, we may offer different tiers of our Services as
allowed by
applicable data privacy laws (including the CCPA) with varying prices, rates, or levels of quality
of the goods
or services you receive related to the value of Personal Data that we receive from you.
Other California Resident Rights
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us
to prevent
disclosure of Personal Data to third parties for such third parties' direct marketing purposes; in
order to
submit such a request, please contact us at Consumer-Privacy@MyHealthID.com.
Changes to this Privacy Policy
We reserve the right to amend our Privacy Policy at our discretion and at any time. When we make
changes to the
Privacy Policy, we will notify you by email or through a notice on our website homepage. Use of the
information
we collect is subject to the Privacy Policy in effect at the time such information is collected.