Medisprout, Inc. (“us” or “we”) provides proprietary application software, a website, a mobile app, a portal, technology infrastructure and, if and when available, a data storage platform and infrastructure for the transmission, receipt and retrieval of data, which together comprise the V2MD™ platform (which, together with related documentation, is referred to as the “Platform”) and through the Platform, various services (the “Services”). The Platform and Services are designed to offer general information, a means to enable telemedicine consultations and treatment for common medical conditions or other health care related matters, and if and when available, integrated communications (in telemedicine or in-person settings) and data (including protected health information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996, and associated regulations, as amended from time to time (“HIPAA”)) transmission, reception, access and storage as a means to facilitate telemedicine and in-person consultations and treatment for medical conditions or other health care related matters.
Unlike many other companies, we do not routinely sell your Personal Information. We may sell de-identified aggregated Personal Information for very limited purposes with the goal of improving health care services as described in Section 4 below but we do not otherwise sell your Personal information.
In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google or Microsoft, or any other app provider, social media platform provider, app developer, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Services.
TABLE OF CONTENTS
- Jurisdictional and Age Issues
- Personal Information We May Collect
- How We Collect Personal Information
- How We May Use Personal Information
- How Personal Information May Be Disclosed
- Non-Personal Information We May Collect
- Third Party Websites and Links
- Use of Information Collected Through Cookies
- Your Choices Regarding Our Use and Disclosure of Your Personal Information
- How You Can Access or Update Your Personal Information
- Controlling Your Personal Information; Retention
- Use of Application By Minors
- Notice to California Residents
- How to Contact Us
1. JURISDICTIONAL AND AGE ISSUES
To use the Platform and Services, you must be at least 18 years of age and reside in a jurisdiction in which we offer the Platform and Services. If you reside in a jurisdiction that restricts the use of the Platform or Services because of age, or restricts the ability to enter into contracts due to age, you must abide by such age limits and you must not use the Platform or Services By using the Platform and Services, you represent that you are of legal age to enter into a binding contract.
2. PERSONAL INFORMATION WE MAY COLLECT
In order for you to use the Platform and Services, we may require you to provide to us and either directly or through us to certain third party service providers (such as a pharmacy, insurance company or imaging storage center) (“Third Party Service Providers”) certain information that identifies you as an individual or relates to an identifiable person (“Personal Information”). We and Third Party Service Providers may collect Personal Information from you that you provide through the Platform and Services. That information includes, among other things:
- Your name and your contact data, such as your physical and billing addresses, e-mail address, phone number, and your account login and password;
- Demographic data, such as your gender, your date of birth and your zip code;
- Insurance information, such as your insurance carrier and insurance plan;
- Payment information, such as your credit or debit card number; and
- Confirmation that your Provider provided services to you.
If you communicate with us or Third Party Service Providers by, for example, e-mail or letter, any information provided in such communication may be collected as Personal Information.
In addition to the information that we and Third Party Service Providers collect directly from you, we and Third Party Service Providers may also collect certain Personal Information about you from or on behalf of your Providers. We and Third Party Service Providers use and disclose this information only in accordance with your permission, which you are deemed to provide when you use the Platform or Services. If you do not agree, or if you subsequently withdraw your permission, you may not be able to use the Platform or the Services (except as provided under “Modifications to, or Discontinuation of, the Platform or the Services; Termination” in the Terms of Service), but you may continue to receive health care services from your Provider outside of the Platform or the Services.
We and Third Party Service Providers may also collect precise information about the location of your mobile device or computer. Please see below under “How We Collect Non-Personal Information” for additional information about our collection of location information.
3. HOW WE COLLECT PERSONAL INFORMATION
We may collect Personal Information using the following methods:
- Directly from you when you provide it to us (such as information you enter into web forms, inquiries, responses, activity on the Platform, and during account setup).
- From third parties, such as Third Party Service Providers and analytics service providers.
- Automatically through tracking technologies such as cookies, web beacons, web pixels and similar technology.
4. HOW WE MAY USE PERSONAL INFORMATION
We and Third Party Service Providers may use Personal Information:
- to complete activity you specifically requested such as to schedule and establish a Telemedicine or, if and when available, in-person visit and send or receive communications that you request or authorize;
- if and when available, to establish means to transmit, receive, access and store data and information (including PHI);
- if and when available, to establish means to access services (e.g., translation services) and materials involving third parties;
- to communicate with you regarding your appointments and related services provided by your Provider;
- if applicable, to obtain or facilitate payments for our fees and to send payment receipts;
- to provide you with customer service related to the above items;
- to confirm that health care services requested through the Platform and Services were provided, and to receive your evaluation of the services provided;
- to personalize your experience with the Platform and Services by providing clinical guidance, education and recommendations (but note that we do not provide medical advice);
- to further our business purposes, such as (a) the operation, maintenance, administration and improvement of the Platform and Services, (b) developing, testing, improving and demonstrating the Platform and Services, (c) monitoring and analyzing the effectiveness of content included in the Platform and Services, (d) quality assessment, (e) data analysis, (f) audits, (g) developing new products and services, (h) identifying usage trends, (i) developing tools which help assess the performance, competence and qualifications of health care providers, (j) conducting training programs for health care providers, and (k) determining the effectiveness of our promotional campaigns;
- to promote and market the Platform and Services to you;
- to conduct research on users’ demographics, interests and behavior based on information provided during use of the Platform and Services;
- to complete activity you specifically requested such as to schedule and establish a Telemedicine or, if and when available, in-person visit and send or receive communications that you request or authorize;
- to anonymize and aggregate information for data collection, analytics and reporting;
- for any purpose to which you consent.
In addition, we may use aggregated de-identified Personal Information that is not associated with any individual account:
- to improve the quality of the Platform and Services and for marketing the Platform and Services;
- to provide data or offer additional services to health care providers who subscribe to the Platform and Services and who may be charged a separate fee for receiving such data or additional services; and
- To provide data for third party studies which are intended to advance clinical outcomes and knowledge and for which we may receive compensation.
You may opt out of our use of your Personal Information for so providing data or offering additional services to health care providers or for third party studies as described immediately above by notifying us at email@example.com.
Our use of your Personal Information may also be subject to certain restrictions set forth in an agreement between your Provider and us.
Section 5 below describes additional ways we may use your Personal Information.
5. HOW PERSONAL INFORMATION MAY BE DISCLOSED
In addition to the disclosures associated with the uses described in Section 4 above, your Personal Information may be disclosed:
- to Third Party Service Providers that provide services such as (a) hosting the Platform and Services, (b) data analysis, information technology services and infrastructure, (c) customer service, (d) e-mail delivery, (e) auditing, and (f) other similar services;
- to Third Party Service Providers that provide services to assist in the delivery of health services such as translation services;
- if you are a patient, to health care providers, including your Providers, and if you are a health care provider, to a patient, to schedule and fulfill visits and provide health care services, and to confirm those services were delivered;
- to Third Party Service Providers that transmit or receive PHI;
- to our affiliates that are subject to this Policy;
- to Third Party Service Providers in accordance with your instructions;
- to persons you request;
- to our professional advisors, such as law firms and accounting firms;
- to third parties in connection with a substantial corporate transaction, such as the sale of a website, or a merger, consolidation, asset sale, bankruptcy or other business transaction; and
We may also disclose aggregated de-identified Personal Information.
If you make any Personal Information publicly available on the Platform, anyone may see and use such information.
Our disclosure of your Personal Information may also be subject to certain restrictions set forth in an agreement between your Provider and us.
6. Non-Personal Information We May Collect
“Non-Personal Information” is any information that does not reveal your specific identity.
We and Third Party Service Providers may collect Non-Personal Information in a variety of ways, including:
- Through your device: Certain information is collected automatically through your device, such as your operating system name and version, device manufacturer and model, language, and the name and version of the software application you are using. We use this information to ensure that the Platform and Services function properly and to understand usage of the Platform and Services.
- From you: We may collect information about the physical location of your device using your device’s GPS functionality. We may use such information to provide you with personalized location-based services and content (for example, information regarding local health care providers). We may collect Non-Personal Information from you such as your preferred means of communication, when you voluntarily provide such information to us. Unless combined with Personal Information, this information does not personally identify you or any other user of the Platform or Services.
- By de-identifying information: Aggregated de-identified Personal Information is information that is derived from Personal Information that does not personally identify you or any other user of the Platform or Services. For example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code or live in a particular location.
Because Non-Personal Information does not personally identify you, we may use and disclose Non-Personal Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Non-Personal Information with Personal Information (such as combining your zip code with your name). If we combine any Non-Personal Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is so combined.
7. THIRD PARTY WEBSITES AND LINKS
8. USE OF INFORMATION COLLECTED THROUGH COOKIES
As discussed above, we may collect Personal Information about your activities through the Platform and Services. We may collect, use and disclose such Personal Information as described in Sections 3-6 above.
You have certain choices concerning cookies and this Section 8 explains how to exercise those choices.
Each type of web browser offers ways to restrict and delete cookies. For more information on how to manage cookies visit the appropriate link below.
You may disable or delete browser cookies through your browser settings. Cookies generally are easy to disable or delete, but the method varies among browsers. If you disable or delete cookies, or if you are running third-party software that intercepts or deletes cookies, please note that some parts of the Platform or Services may not work properly.
You can opt out of third parties collecting your Personal Information for targeted advertising purposes in the United States by visiting the National Advertising Initiative’s (NAI) opt-out page and the Digital Advertising Alliance’s (DAA) opt-out page.
Your browser settings also may allow you to transmit a “Do Not Track” signal when you visit various websites. Some features of the Platform and Services may not be configured to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, you can visit here. [Add link]
If you have further questions regarding the specific information about you that we process or retain, as well as your choices regarding our collection and use practices, please contact us using the contact information listed below.
We seek to use reasonable physical, technical and administrative measures to protect Personal Information that we access, receive, process or transmit on behalf of any patient, insurer or provider. Unfortunately, no data transmission over the Internet or data storage system is completely secure, and therefore we cannot guarantee against all potential security breaches.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us of the problem by contacting us in accordance with the “How to Contact Us” section below.
10. YOUR CHOICES REGARDING OUR USE AND DISCLOSURE OF YOUR PERSONAL INFORMATION
We give you choices regarding our use and disclosure of your Personal Information. Specifically, if you have provided your opt-in consent to our use of your Personal Information to personalize your experience with the Platform and Services by providing clinical guidance, education and recommendations (but note that we do not provide medical advice), to provide data or offer additional services to health care providers who subscribe to the Platform and Services, or to provide data for third party studies which are intended to advance clinical outcomes and knowledge, you may opt-out of these uses of your Personal Information by notifying us at firstname.lastname@example.org. We will try to comply with your request as soon as reasonably practicable.
Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of our affiliates or Third Party Service Providers with which we have already shared such information.
11. HOW YOU CAN ACCESS OR UPDATE YOUR PERSONAL INFORMATION
If you would like to review or update your Personal Information that has been previously provided to us, you may do so by logging into your saved information within the Platform. We are not responsible for changing information from the databases of third parties with whom we have already shared your Personal Information. You may have additional rights to access, correct or modify the Personal Information or PHI that is held by your Provider. Please consult your Provider’s Notice of Privacy Practices for a description of those rights and how to exercise them.
12. CONTROLLING YOUR PERSONAL INFORMATION; RETENTION PERIOD
As a user of the Platform and Services, you can modify some of the Personal Information you have included in your profile. Upon your request, we will use commercially reasonable efforts to delete the Personal Information in your profile; however, it may be impossible to remove the Personal Information without some residual information being retained by us, and we may be required by law or our agreement with your Provider to retain certain information. We may also not delete Personal Information if doing so would adversely affect the operation or integrity of our systems. We may also keep your Personal Information for archival purposes. We have no obligation to delete any data or information a patient provides on a medical history or similar form or on the account of any health care provider to whom a patient’s medical history or other Personal Information was submitted through the Platform or Services. A user with any questions concerning the modification or deletion of Personal Information may email those questions to email@example.com.
We generally retain Personal Information and other records only as long as necessary and as required for our business operations, for archival purposes, and to satisfy legal requirements. When determining the appropriate retention period for Personal Information, we take into account various criteria, such as the amount, nature, and sensitivity of the Personal Information, potential risk of harm from unauthorized use or disclosure, purposes for which we process your Personal Information, whether we can achieve those purposes through other means, and business operations and legal requirements.
13. USE OF APPLICATION BY MINORS
14. NOTICE TO CALIFORNIA RESIDENTS
If you are a California resident, certain Personal Information that we collect about you is subject to the California Consumer Privacy Act (“CCPA”).
Please note that the CCPA does not apply to, among other things,
- Information that is lawfully made available from federal, state, or local government records;
- Consumer information that is deidentified and aggregated;
- Protected health information that is collected by a covered entity or business associate governed by HIPAA; or
- Medical information maintained by a provider of health care governed by the Confidentiality of Medical Information Act (“CMIA”).
Collection of Personal Information – Currently and in the Preceding 12 Months
We collect Personal Information as defined by the CCPA, which is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include de-identified aggregated information, publicly available information that is lawfully made available from federal, state, or local government records, and information covered by certain sector-specific privacy laws.
- Identifiers. Internet Protocol (IP) address, online identifier, device identifier.
- Personal Information. Your name, email address, date of birth, phone number, and address only if you provided it to us via a form on the Platform or during an incomplete or failed account setup.
- Commercial information. (a) Business contact information if you have provided it to us via a form (such to open an account, obtain more information or request a demo) on the Platform, including name, company name, physical address, email address, telephone, and fax number, and (b) information on actions taken on the Platform, which may include information about areas of the Platform considered and information about preferences and behavior that we collect on the Platform to personalize content we deliver on the Platform and Services.
- Internet or other electronic network activity information. This includes, but is not limited to, browsing history, search history, and information regarding a consumer’s interaction with the Platform and Services.
We collect Personal Information from the following categories of sources:
- Directly and indirectly from you, including through your interaction with the Platform and Services;
- Third party partners such as analytics providers; and
- Automatically through tracking technologies.
See Sections 2 and 3 for additional detail.
We may use your Personal Information for the following purposes:
- Operate, maintain, supervise, administer, and enhance the Platform and Services, including monitoring and analyzing the effectiveness of content, aggregate site usage data, and other usage such as checking your eligibility and assisting you in completing the account setup process.
- Provide you with a tailored and user-friendly experience as you navigate the Platform and Services.
- Promote and market the Platform and Services to you.
- To complete the activity you specifically asked for, e.g., setup your account, obtain more information, request a demo, or request a Request for a Proposal.
- Conduct research on users’ demographics, interests, and behavior based upon information provided during use of the Platform and Services.
- Anonymize and aggregate information for analytics and reporting.
- Respond to law enforcement requests, court orders and legal process, carry out our legal and contractual obligations, and enforce our rights.
- Authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Platform and Services and the safety of users.
- Develop, test, improve, and demonstrate the Platform and Services.
- As further described in Sections 4 and 5
- Any other purpose with your consent.
Disclosure of Personal Information in the Preceding 12 Months
|Personal Information||Third Parties|
|Identifiers||We may disclose IP address, device ID, or online identifier to service providers, health care providers, patients, internet service providers, and/or data analytics providers. We may disclose name, email address, date of birth, phone number, and address if you provided it to us (including during an incomplete or failed initial account registration).|
|Commercial information||Service providers, health care providers and/or patients|
|Internet or other electronic network activity information||Service providers, health care providers, patients, internet service providers, and/or data analytics providers|
See Sections 4 and 5 for additional detail.
If you are a California resident, and in accordance with the CCPA, you have the right to:
- Request to know and access the Personal Information we collect, use, and disclose;
- Request deletion of Personal Information (subject to Section 12);
- Opt-out of the sale of Personal Information;
- Opt-out of uses of your Personal Information as provided in Section 10; and
- Not receive discriminatory treatment by us for exercising these rights.
Requests to Know and Access
You have the right to request that we disclose to you the following information:
- Categories of Personal Information that we have collected about you, disclosed about you for a business purpose, or sold;
- Categories of sources from which the Personal Information is collected;
- Categories of third parties with whom we share or to whom we sell Personal Information;
- The business or commercial purpose for collecting and selling Personal Information; and
- Specific pieces of Personal Information that we have collected about you.
As noted in Section 4 , we may sell de-identified aggregated Personal Information for limited purposes. We do not otherwise sell your Personal Information.
You may only make a request for access twice within a 12-month period.
Requests to Delete
You have the right to request that we delete Personal Information about you that we have collected, subject to certain exceptions. See Section 12.
Instructions for submitting a verifiable request are provided below.
Requests to not sell your Personal Information
As noted in Section 4, we may sell de-identified aggregated Personal Information for limited purposes. We do not otherwise sell your Personal Information.
How to Exercise Your Rights
As required under applicable law, we must take steps to verify your request before we can provide Personal Information to you, delete Personal Information, or otherwise process your request. To verify your request, we may require you to provide your name, physical address, email address, contact information, and information about your account or previous transactions with us. If you have only visited public portions of the Platform and did not provide any Personal Information to us via a web form or through the account setup process, we will need you to provide us with your IP address or device ID in order for us to determine if we have that information. We will not be able to determine if we have your IP address or device ID from your name, physical address, email address, contact information, or account information.
We will further verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as your date of birth or government identifier, in order to protect against fraudulent requests.
We will deliver Personal Information that we are required by law to disclose to you in the manner required by law within 45 days after receipt of a verifiable request, unless we notify you that we require additional time to respond, in which case we will respond within such additional period of time required by law. We may deliver the Personal Information to you electronically or by mail at your option. If electronically, then we will deliver the information in a portable and, to the extent technically feasible, in a readily useable format that allows you to transmit the information from one entity to another without hindrance.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may designate an authorized agent to request any of the above rights on your behalf. You may make such a designation by providing the agent with written permission, signed by you, to act on your behalf. Your agent may contact us by using the information provided in the “How to Contact Us” section below to make a request on your behalf. Even if you choose to use an agent, we may, as permitted by law, require verification of the agent’s authorization to act on your behalf, require you to confirm you have authorized the agent to act on your behalf, or require you to verify your own identity.
Right to Nondiscrimination
You have the right to be free from discriminatory treatment for exercising the privacy rights conferred by the CCPA, including not being denied goods or services, charged different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties, provided a different level or quality of goods or services, or suggested that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
15. HOW TO CONTACT US
7 Dana Road
New York 10595
By sending an email to: firstname.lastname@example.org
By calling us: 866-896-1431
Please note that e-mail communications are not always secure. Please do not include health information, credit or debit card information or other sensitive information in your e-mail messages to us.
Last Revised: 10 May 2022