Privacy Policy
INTRODUCTION
Medisprout, Inc. (“us” or “we”) provides proprietary application software, a website, a mobile app, a portal, technology infrastructure and, if and when available, a data storage platform and infrastructure for the transmission, receipt and retrieval of data, which together comprise the V2MD™ platform (which, together with related documentation, is referred to as the “Platform”) and through the Platform, various services (the “Services”). The Platform and Services are designed to offer general information, a means to enable telemedicine consultations and treatment for common medical conditions or other health care related matters, and if and when available, integrated communications (in telemedicine or in-person settings) and data (including protected health information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996, and associated regulations, as amended from time to time (“HIPAA”)) transmission, reception, access and storage as a means to facilitate telemedicine and in-person consultations and treatment for medical conditions or other health care related matters.
A health care provider, facility, patient or other authorized person who uses the Platform or Services is referred to as “you”. A health care provider selected by a patient or facility to provide health care services through the Platform is referred to as “your Provider”. The use of audio or video for communication (and, in connection with that audio or video, other electronic means of communication) between health care providers, facilities, patients or other authorized users with respect to health care is referred to as “Telemedicine”. For avoidance of doubt, the capitalized word “Services” as used in this Privacy Policy refers only to the Services we provide and does not refer to the Telemedicine or other consultations, treatment or other health care services that are provided by health care providers or Authorized Users of the Platform or Services.
This Privacy Policy describes the types of Personal Information (defined below) we collect from you and our practices for collecting, using, maintaining, sharing, storing and protecting that Personal Information. It also describes the rights and choices you may have with respect to your Personal Information and how you may contact us.
Unlike many other companies, we do not routinely sell your Personal Information. We may sell de-identified aggregated Personal Information for very limited purposes with the goal of improving health care services as described in Section 4 below but we do not otherwise sell your Personal information.
This Privacy Policy does not apply to PHI that we collect from a patient who has created an account with us. Our collection, use, maintenance, sharing, storing and protection of that PHI is governed by the laws that apply to PHI (such as HIPAA) and to the policies the patient acknowledged and accepted when the patient’s account was opened.
A health care provider may be regulated as a “covered entity” under HIPAA. This Privacy Policy is distinct from a provider’s Notice of Privacy Practices, which describes in detail how a provider uses and discloses your PHI and a copy of which can be requested from the provider.
This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including, but not limited to, health care providers, the manufacturer of your mobile device, and any other third party application or website. The inclusion of a link on the Platform or in the Services does not imply endorsement of the linked site or service by us. We also encourage you to review the privacy practices of each of your Providers and the privacy policies of each website and application you visit and use.
In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google or Microsoft, or any other app provider, social media platform provider, app developer, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Services.
By using the Platform and Services, you accept the terms, practices and policies outlined in this Privacy Policy. If you are using the Platform and Services on behalf of an individual or entity other than yourself, you represent that you are authorized by such individual or entity to accept this Privacy Policy on such individual’s or entity’s behalf.
We may change this Privacy Policy at any time. If we make any changes to this Privacy Policy, we will update the “Last Revised” date at the bottom of this Privacy Policy, post a notice on the Platform regarding the revised Privacy Policy, and require that you acknowledge your agreement to the revised Privacy Policy prior to being able to continue using the Platform and Services. Your use of the Platform and Services following any change means that you accept and agree to be bound by the revised Privacy Policy. If you do not agree with the revised Privacy Policy, your sole and exclusive remedy is to discontinue your use of the Platform and Services.
TABLE OF CONTENTS
- Jurisdictional and Age Issues
- Personal Information We May Collect
- How We Collect Personal Information
- How We May Use Personal Information
- How Personal Information May Be Disclosed
- Non-Personal Information We May Collect
- Third Party Websites and Links
- Use of Information Collected Through Cookies
- Security
- Your Choices Regarding Our Use and Disclosure of Your Personal Information
- How You Can Access or Update Your Personal Information
- Controlling Your Personal Information; Retention
- Use of Application By Minors
- Notice to California Residents
- How to Contact Us
1. JURISDICTIONAL AND AGE ISSUES
We intend to provide the Platform and Services in the United States. Accordingly, this Privacy Policy is governed by the laws of the State of New York without giving effect to principles of conflicts of laws, with substantive rights in patents, copyrights, federal trademarks and federal trade secrets governed by the laws of the United States. We do not represent or warrant that the Platform, the Services or any functionality or feature of the Platform or Services, is appropriate or available for use in any particular jurisdiction. If you choose to access or use the Platform or Services from outside the United States, you do so on your own initiative and at your own risk, and you are solely responsible for complying with all relevant laws, rules and regulations. By using the Platform or Services and submitting any Personal Information from outside the United States, you acknowledge that the Platform and the Services are subject to the laws of New York and the United States as provided above which may differ from, and may provide a different level of data security than, the law in the country from which you are using the Platform or Services.
To use the Platform and Services, you must be at least 18 years of age and reside in a jurisdiction in which we offer the Platform and Services. If you reside in a jurisdiction that restricts the use of the Platform or Services because of age, or restricts the ability to enter into contracts due to age, you must abide by such age limits and you must not use the Platform or Services By using the Platform and Services, you represent that you are of legal age to enter into a binding contract.
2. PERSONAL INFORMATION WE MAY COLLECT
In order for you to use the Platform and Services, we may require you to provide to us and either directly or through us to certain third party service providers (such as a pharmacy, insurance company or imaging storage center) (“Third Party Service Providers”) certain information that identifies you as an individual or relates to an identifiable person (“Personal Information”). We and Third Party Service Providers may collect Personal Information from you that you provide through the Platform and Services. That information includes, among other things:
- Your name and your contact data, such as your physical and billing addresses, e-mail address, phone number, and your account login and password;
- Demographic data, such as your gender, your date of birth and your zip code;
- Insurance information, such as your insurance carrier and insurance plan;
- Payment information, such as your credit or debit card number; and
- Confirmation that your Provider provided services to you.
If you submit to us or to Third Party Service Providers any Personal Information relating to other people in connection with the Platform and Services, you represent that you have the authority to do so and to permit us and such Third Party Service Providers to use the information in accordance with this Privacy Policy.
If you communicate with us or Third Party Service Providers by, for example, e-mail or letter, any information provided in such communication may be collected as Personal Information.
We may also automatically collect information through the use of cookies and other tracking technologies (see below). That information may include an IP address, device ID and online identifier. We may use that information as provided in this Privacy Policy, and we may draw inferences about you from the information we collect.
In addition to the information that we and Third Party Service Providers collect directly from you, we and Third Party Service Providers may also collect certain Personal Information about you from or on behalf of your Providers. We and Third Party Service Providers use and disclose this information only in accordance with your permission, which you are deemed to provide when you use the Platform or Services. If you do not agree, or if you subsequently withdraw your permission, you may not be able to use the Platform or the Services (except as provided under “Modifications to, or Discontinuation of, the Platform or the Services; Termination” in the Terms of Service), but you may continue to receive health care services from your Provider outside of the Platform or the Services.
We and Third Party Service Providers may also collect precise information about the location of your mobile device or computer. Please see below under “How We Collect Non-Personal Information” for additional information about our collection of location information.
3. HOW WE COLLECT PERSONAL INFORMATION
We may collect Personal Information using the following methods:
- Directly from you when you provide it to us (such as information you enter into web forms, inquiries, responses, activity on the Platform, and during account setup).
- From third parties, such as Third Party Service Providers and analytics service providers.
- Automatically through tracking technologies such as cookies, web beacons, web pixels and similar technology.
“Cookies” are small files that a website stores on a user’s computer or device. The Platform and Services may use cookies for various purposes, including to keep the information you enter on multiple pages together. Some of the cookies we use are “session” cookies, meaning that they are automatically deleted from your hard drive after you close your browser at the end of your session. Session cookies are used to optimize performance of the Platform and Services and to limit the amount of redundant data that is downloaded during a single session. We also may use “persistent” cookies, which remain on your computer or device unless deleted by you (or by your browser settings). We may use persistent cookies for various purposes, such as statistical analysis of performance to ensure the ongoing quality of the Platform and Services, as well as other purposes as further described in this Privacy Policy. Most web browsers automatically accept cookies, but you may set your browser to block certain cookies (see below). In accordance with applicable law, we may obtain your consent separately before collecting information by automated means using cookies or similar devices.
4. HOW WE MAY USE PERSONAL INFORMATION
We and Third Party Service Providers may use Personal Information:
- to complete activity you specifically requested such as to schedule and establish a Telemedicine or, if and when available, in-person visit and send or receive communications that you request or authorize;
- if and when available, to establish means to transmit, receive, access and store data and information (including PHI);
- if and when available, to establish means to access services (e.g., translation services) and materials involving third parties;
- to send to you administrative information, including information regarding the Platform and Services, and changes to our Terms of Service, Privacy Policy and other aspects of the Platform and Services;
- to communicate with you regarding your appointments and related services provided by your Provider;
- if applicable, to obtain or facilitate payments for our fees and to send payment receipts;
- to provide you with customer service related to the above items;
- to confirm that health care services requested through the Platform and Services were provided, and to receive your evaluation of the services provided;
- to personalize your experience with the Platform and Services by providing clinical guidance, education and recommendations (but note that we do not provide medical advice);
- to further our business purposes, such as (a) the operation, maintenance, administration and improvement of the Platform and Services, (b) developing, testing, improving and demonstrating the Platform and Services, (c) monitoring and analyzing the effectiveness of content included in the Platform and Services, (d) quality assessment, (e) data analysis, (f) audits, (g) developing new products and services, (h) identifying usage trends, (i) developing tools which help assess the performance, competence and qualifications of health care providers, (j) conducting training programs for health care providers, and (k) determining the effectiveness of our promotional campaigns;
- to promote and market the Platform and Services to you;
- to conduct research on users’ demographics, interests and behavior based on information provided during use of the Platform and Services;
- to complete activity you specifically requested such as to schedule and establish a Telemedicine or, if and when available, in-person visit and send or receive communications that you request or authorize;
- to anonymize and aggregate information for data collection, analytics and reporting;
- to use analytics and on-site personalization services of third parties, such as Google or Adobe Analytics. (Such services may use cookies, web beacons, web pixels and similar technology to collect and store information about you or your device or browser. You can learn more about the services we use by sending an email to support@medisprout.com.);
- to act as we believe to be necessary or appropriate (a) under applicable law, (b) to comply with legal process, (c) to respond to law enforcement and other governmental requests and court orders, (d) to carry out our legal and contractual obligations and enforce our rights, (e) to enforce our Terms of Service and Privacy Policy, (f) to protect our operations including authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Platform and Services, (g) to protect the rights, privacy, safety or property of ours or our affiliates and, in our discretion (but without any obligation to, or liability if we, take such actions), you or others, (h) at our discretion (but without any obligation to, or liability if we, take such actions) under emergency circumstances, to notify emergency services or your family members, personal representatives or other individuals involved in your care of your location and condition, or (i) to allow us to pursue available remedies or limit the damages that we may sustain; and
- for any purpose to which you consent.
In addition, we may use aggregated de-identified Personal Information that is not associated with any individual account:
- to improve the quality of the Platform and Services and for marketing the Platform and Services;
- to provide data or offer additional services to health care providers who subscribe to the Platform and Services and who may be charged a separate fee for receiving such data or additional services; and
- To provide data for third party studies which are intended to advance clinical outcomes and knowledge and for which we may receive compensation.
You may opt out of our use of your Personal Information for so providing data or offering additional services to health care providers or for third party studies as described immediately above by notifying us at support@medisprout.com.
Our use of your Personal Information may also be subject to certain restrictions set forth in an agreement between your Provider and us.
Section 5 below describes additional ways we may use your Personal Information.
5. HOW PERSONAL INFORMATION MAY BE DISCLOSED
In addition to the disclosures associated with the uses described in Section 4 above, your Personal Information may be disclosed:
- to Third Party Service Providers that provide services such as (a) hosting the Platform and Services, (b) data analysis, information technology services and infrastructure, (c) customer service, (d) e-mail delivery, (e) auditing, and (f) other similar services;
- to Third Party Service Providers that provide services to assist in the delivery of health services such as translation services;
- if you are a patient, to health care providers, including your Providers, and if you are a health care provider, to a patient, to schedule and fulfill visits and provide health care services, and to confirm those services were delivered;
- to Third Party Service Providers that transmit or receive PHI;
- to our affiliates that are subject to this Policy;
- to Third Party Service Providers in accordance with your instructions;
- to persons you request;
- to our professional advisors, such as law firms and accounting firms;
- to third parties in connection with a substantial corporate transaction, such as the sale of a website, or a merger, consolidation, asset sale, bankruptcy or other business transaction; and
- to a third party as we believe to be necessary or appropriate (a) under applicable law, (b) to comply with legal process, (c) to respond to law enforcement and other governmental requests and court orders, (d) to carry out our legal and contractual obligations and enforce our rights, (e) to enforce our Terms of Service and Privacy Policy, (f) to protect our operations including authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Platform and Services, (g) to protect the rights, privacy, safety or property of ours or our affiliates and, in our discretion (but without any obligation to, or liability if we, take such actions), you or others, (h) at our discretion (but without any obligation to, or liability if we, take such actions) under emergency circumstances, to notify emergency services or your family members, personal representatives or other individuals involved in your care of your location and condition, or (i) to allow us to pursue available remedies or limit the damages that we may sustain.
We may also disclose aggregated de-identified Personal Information.
If you make any Personal Information publicly available on the Platform, anyone may see and use such information.
Our disclosure of your Personal Information may also be subject to certain restrictions set forth in an agreement between your Provider and us.
6. Non-Personal Information We May Collect
“Non-Personal Information” is any information that does not reveal your specific identity.
We and Third Party Service Providers may collect Non-Personal Information in a variety of ways, including:
- Through your device: Certain information is collected automatically through your device, such as your operating system name and version, device manufacturer and model, language, and the name and version of the software application you are using. We use this information to ensure that the Platform and Services function properly and to understand usage of the Platform and Services.
- From you: We may collect information about the physical location of your device using your device’s GPS functionality. We may use such information to provide you with personalized location-based services and content (for example, information regarding local health care providers). We may collect Non-Personal Information from you such as your preferred means of communication, when you voluntarily provide such information to us. Unless combined with Personal Information, this information does not personally identify you or any other user of the Platform or Services.
- By de-identifying information: Aggregated de-identified Personal Information is information that is derived from Personal Information that does not personally identify you or any other user of the Platform or Services. For example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code or live in a particular location.
If we are required to treat Non-Personal Information as Personal Information under applicable law, then we may use it for the purposes for which we use and disclose Personal Information as detailed in this Privacy Policy.
Because Non-Personal Information does not personally identify you, we may use and disclose Non-Personal Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Non-Personal Information with Personal Information (such as combining your zip code with your name). If we combine any Non-Personal Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is so combined.
7. THIRD PARTY WEBSITES AND LINKS
Our Platform and Services may contain links to other online platforms operated by third parties, such as to a health care provider or a published article. We do not control such other online platforms and are not responsible for their content, their privacy policies, or their use of your information. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms (such as Facebook, LinkedIn or Twitter) may also be viewable by other users of the Platform and Services or users of those third-party online platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators except as disclosed on the Platform or Services. We expressly disclaim any and all liability for the actions of third parties, including but not limited to actions relating to the use or disclosure of Personal Information by third parties. Any information submitted by you directly to these third parties is subject to that third party’s privacy policy.
8. USE OF INFORMATION COLLECTED THROUGH COOKIES
As discussed above, we may collect Personal Information about your activities through the Platform and Services. We may collect, use and disclose such Personal Information as described in Sections 3-6 above.
You have certain choices concerning cookies and this Section 8 explains how to exercise those choices.
Each type of web browser offers ways to restrict and delete cookies. For more information on how to manage cookies visit the appropriate link below.
You may disable or delete browser cookies through your browser settings. Cookies generally are easy to disable or delete, but the method varies among browsers. If you disable or delete cookies, or if you are running third-party software that intercepts or deletes cookies, please note that some parts of the Platform or Services may not work properly.
You can opt out of third parties collecting your Personal Information for targeted advertising purposes in the United States by visiting the National Advertising Initiative’s (NAI) opt-out page and the Digital Advertising Alliance’s (DAA) opt-out page.
Your browser settings also may allow you to transmit a “Do Not Track” signal when you visit various websites. Some features of the Platform and Services may not be configured to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, you can visit here. [Add link]
If you have further questions regarding the specific information about you that we process or retain, as well as your choices regarding our collection and use practices, please contact us using the contact information listed below.
9. SECURITY
We seek to use reasonable physical, technical and administrative measures to protect Personal Information that we access, receive, process or transmit on behalf of any patient, insurer or provider. Unfortunately, no data transmission over the Internet or data storage system is completely secure, and therefore we cannot guarantee against all potential security breaches.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us of the problem by contacting us in accordance with the “How to Contact Us” section below.
10. YOUR CHOICES REGARDING OUR USE AND DISCLOSURE OF YOUR PERSONAL INFORMATION
We give you choices regarding our use and disclosure of your Personal Information. Specifically, if you have provided your opt-in consent to our use of your Personal Information to personalize your experience with the Platform and Services by providing clinical guidance, education and recommendations (but note that we do not provide medical advice), to provide data or offer additional services to health care providers who subscribe to the Platform and Services, or to provide data for third party studies which are intended to advance clinical outcomes and knowledge, you may opt-out of these uses of your Personal Information by notifying us at support@medisprout.com. We will try to comply with your request as soon as reasonably practicable.
Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of our affiliates or Third Party Service Providers with which we have already shared such information.
11. HOW YOU CAN ACCESS OR UPDATE YOUR PERSONAL INFORMATION
If you would like to review or update your Personal Information that has been previously provided to us, you may do so by logging into your saved information within the Platform. We are not responsible for changing information from the databases of third parties with whom we have already shared your Personal Information. You may have additional rights to access, correct or modify the Personal Information or PHI that is held by your Provider. Please consult your Provider’s Notice of Privacy Practices for a description of those rights and how to exercise them.
12. CONTROLLING YOUR PERSONAL INFORMATION; RETENTION PERIOD
As a user of the Platform and Services, you can modify some of the Personal Information you have included in your profile. Upon your request, we will use commercially reasonable efforts to delete the Personal Information in your profile; however, it may be impossible to remove the Personal Information without some residual information being retained by us, and we may be required by law or our agreement with your Provider to retain certain information. We may also not delete Personal Information if doing so would adversely affect the operation or integrity of our systems. We may also keep your Personal Information for archival purposes. We have no obligation to delete any data or information a patient provides on a medical history or similar form or on the account of any health care provider to whom a patient’s medical history or other Personal Information was submitted through the Platform or Services. A user with any questions concerning the modification or deletion of Personal Information may email those questions to support@medisprout.com.
We generally retain Personal Information and other records only as long as necessary and as required for our business operations, for archival purposes, and to satisfy legal requirements. When determining the appropriate retention period for Personal Information, we take into account various criteria, such as the amount, nature, and sensitivity of the Personal Information, potential risk of harm from unauthorized use or disclosure, purposes for which we process your Personal Information, whether we can achieve those purposes through other means, and business operations and legal requirements.
To the extent we retain Personal Information, we will do so subject to the terms of this Privacy Policy as in effect from time to time and, in the case of a patient, the acknowledgments the patient provided in setting up his or her account,
13. USE OF APPLICATION BY MINORS
The Platform and Services are not directed to individuals under the age of 18, and we do not knowingly collect Personal Information from users under the age of 18. If we learn that we have received any information from an individual under the age of 18, we will use that information only to respond directly to that child (or a person whom we reasonably believe to be a parent, legal guardian or personal representative of such child) to inform him or her that he or she cannot use the Platform or Services and subsequently we will delete that information from our own servers. However, if you are a parent, legal guardian or personal representative of a minor child, you may, in compliance with this Privacy Policy and the Terms of Service, use the Platform and Services and provide Personal Information on behalf of such minor child. Any information that you provide to us while using the Platform and Services on behalf of your minor child will be treated as Personal Information as otherwise provided in this Privacy Policy.
14. NOTICE TO CALIFORNIA RESIDENTS
If you are a California resident, certain Personal Information that we collect about you is subject to the California Consumer Privacy Act (“CCPA”).
Please note that the CCPA does not apply to, among other things,
- Information that is lawfully made available from federal, state, or local government records;
- Consumer information that is deidentified and aggregated;
- Protected health information that is collected by a covered entity or business associate governed by HIPAA; or
- Medical information maintained by a provider of health care governed by the Confidentiality of Medical Information Act (“CMIA”).
Collection of Personal Information – Currently and in the Preceding 12 Months
We collect Personal Information as defined by the CCPA, which is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include de-identified aggregated information, publicly available information that is lawfully made available from federal, state, or local government records, and information covered by certain sector-specific privacy laws.
We currently collect and have collected the following categories of Personal Information about consumers in the 12 months preceding the date this Privacy Policy was last modified:
- Identifiers. Internet Protocol (IP) address, online identifier, device identifier.
- Personal Information. Your name, email address, date of birth, phone number, and address only if you provided it to us via a form on the Platform or during an incomplete or failed account setup.
- Commercial information. (a) Business contact information if you have provided it to us via a form (such to open an account, obtain more information or request a demo) on the Platform, including name, company name, physical address, email address, telephone, and fax number, and (b) information on actions taken on the Platform, which may include information about areas of the Platform considered and information about preferences and behavior that we collect on the Platform to personalize content we deliver on the Platform and Services.
- Internet or other electronic network activity information. This includes, but is not limited to, browsing history, search history, and information regarding a consumer’s interaction with the Platform and Services.
We collect Personal Information from the following categories of sources:
- Directly and indirectly from you, including through your interaction with the Platform and Services;
- Third party partners such as analytics providers; and
- Automatically through tracking technologies.
See Sections 2 and 3 for additional detail.
We may use your Personal Information for the following purposes:
- Operate, maintain, supervise, administer, and enhance the Platform and Services, including monitoring and analyzing the effectiveness of content, aggregate site usage data, and other usage such as checking your eligibility and assisting you in completing the account setup process.
- Provide you with a tailored and user-friendly experience as you navigate the Platform and Services.
- Promote and market the Platform and Services to you.
- To complete the activity you specifically asked for, e.g., setup your account, obtain more information, request a demo, or request a Request for a Proposal.
- Conduct research on users’ demographics, interests, and behavior based upon information provided during use of the Platform and Services.
- Anonymize and aggregate information for analytics and reporting.
- Respond to law enforcement requests, court orders and legal process, carry out our legal and contractual obligations, and enforce our rights.
- Authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Platform and Services and the safety of users.
- Develop, test, improve, and demonstrate the Platform and Services.
- As further described in Sections 4 and 5
- Any other purpose with your consent.
Disclosure of Personal Information in the Preceding 12 Months
In the 12 months preceding the date of this Privacy Policy, we have shared Personal Information with the following categories of third parties and have disclosed the following categories of Personal Information for a business purpose, for a commercial purpose, to comply with law, in the context of a transaction, or for other business reasons:
Personal Information | Third Parties |
---|---|
Identifiers | We may disclose IP address, device ID, or online identifier to service providers, health care providers, patients, internet service providers, and/or data analytics providers. We may disclose name, email address, date of birth, phone number, and address if you provided it to us (including during an incomplete or failed initial account registration). |
Commercial information | Service providers, health care providers and/or patients |
Internet or other electronic network activity information | Service providers, health care providers, patients, internet service providers, and/or data analytics providers |
See Sections 4 and 5 for additional detail.
If you are a California resident, and in accordance with the CCPA, you have the right to:
- Request to know and access the Personal Information we collect, use, and disclose;
- Request deletion of Personal Information (subject to Section 12);
- Opt-out of the sale of Personal Information;
- Opt-out of uses of your Personal Information as provided in Section 10; and
- Not receive discriminatory treatment by us for exercising these rights.
Requests to Know and Access
You have the right to request that we disclose to you the following information:
- Categories of Personal Information that we have collected about you, disclosed about you for a business purpose, or sold;
- Categories of sources from which the Personal Information is collected;
- Categories of third parties with whom we share or to whom we sell Personal Information;
- The business or commercial purpose for collecting and selling Personal Information; and
- Specific pieces of Personal Information that we have collected about you.
As noted in Section 4 , we may sell de-identified aggregated Personal Information for limited purposes. We do not otherwise sell your Personal Information.
You may only make a request for access twice within a 12-month period.
Requests to Delete
You have the right to request that we delete Personal Information about you that we have collected, subject to certain exceptions. See Section 12.
Instructions for submitting a verifiable request are provided below.
Requests to not sell your Personal Information
As noted in Section 4, we may sell de-identified aggregated Personal Information for limited purposes. We do not otherwise sell your Personal Information.
How to Exercise Your Rights
To make Requests to Know or Access and Requests to Delete, please complete this form.
As required under applicable law, we must take steps to verify your request before we can provide Personal Information to you, delete Personal Information, or otherwise process your request. To verify your request, we may require you to provide your name, physical address, email address, contact information, and information about your account or previous transactions with us. If you have only visited public portions of the Platform and did not provide any Personal Information to us via a web form or through the account setup process, we will need you to provide us with your IP address or device ID in order for us to determine if we have that information. We will not be able to determine if we have your IP address or device ID from your name, physical address, email address, contact information, or account information.
We will further verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as your date of birth or government identifier, in order to protect against fraudulent requests.
We will deliver Personal Information that we are required by law to disclose to you in the manner required by law within 45 days after receipt of a verifiable request, unless we notify you that we require additional time to respond, in which case we will respond within such additional period of time required by law. We may deliver the Personal Information to you electronically or by mail at your option. If electronically, then we will deliver the information in a portable and, to the extent technically feasible, in a readily useable format that allows you to transmit the information from one entity to another without hindrance.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may designate an authorized agent to request any of the above rights on your behalf. You may make such a designation by providing the agent with written permission, signed by you, to act on your behalf. Your agent may contact us by using the information provided in the “How to Contact Us” section below to make a request on your behalf. Even if you choose to use an agent, we may, as permitted by law, require verification of the agent’s authorization to act on your behalf, require you to confirm you have authorized the agent to act on your behalf, or require you to verify your own identity.
Right to Nondiscrimination
You have the right to be free from discriminatory treatment for exercising the privacy rights conferred by the CCPA, including not being denied goods or services, charged different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties, provided a different level or quality of goods or services, or suggested that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
15. HOW TO CONTACT US
If you have any questions about this Privacy Policy, please contact us by e-mail at support@medisprout.com or by mail at:
Privacy Officer
Medisprout, Inc.
7 Dana Road
Valhalla
New York 10595
By sending an email to: support@medisprout.com
By calling us: 866-896-1431
Please note that e-mail communications are not always secure. Please do not include health information, credit or debit card information or other sensitive information in your e-mail messages to us.
Last Revised: 10 May 2022