This policy was last updated on July 16, 2018.
- Information We Collect
2.1.Personal Information Generally
When you access the Services, we will ask you to provide us certain information that personally identifies you, or the individual for whom you are using this Application, or could be used to personally identify you or the individual for whom you are using this Application, or that you provide to create profiles for additional users who you intend to invite (“users”) to use your Application (“Personal Information”). Personal Information about you, or others, or your users may include: (i) contact data (such as name, e-mail address and phone number); (ii) demographic data (such as gender, date of birth and zip code); (iii) insurance data (such as insurance carrier, insurance plan, member ID, group ID and payer ID); (iv) medical data (such as the doctors, dentists, pharmacies or other healthcare specialists, professionals, providers, or organizations (collectively, “Healthcare Providers”) visited, reasons for visit, medical history, and other medical and health information you choose to share with us); and (v) other identifying information that you choose to provide to us, including without limitation unique identifiers such as passwords. You may still access and use some of the Services if you choose not to provide us with any Personal Information, but features of the Services that require your and your users’ Personal Information will not be accessible to you.
We also may automatically collect certain data when you use the Services, such as (i) IP address; (ii) type of device(s) used to access the Services; (iii) web browser(s) used to access the Services; and (iv) other statistics and information associated with the interaction between your browser or device and the Services (collectively “Traffic Data”).
2.3.HIPAA and PHI
We may create, collect, receive, maintain or transmit information between you and us, or between us and our clients, that is considered protected health information as defined under the Health Insurance Portability and Accountability Act of 1996 as amended from time to time including Sections 13400 through 13424 of the Health Information Technology for Economic Clinical Health Act and the corresponding Standards for Privacy of Individually Identifiable Health Information, Security Standards and Notification in Case of Breach of Unsecured Protected Health Information (collectively, (“HIPAA”). HIPAA defines such information as “PHI”. You can learn more about HIPAA at http://www.hhs.gov/ocr/privacy/.
- How We Collect Information
We collect information (including Personal Information and Traffic Data) when you use and interact with the Services, and in some cases from third party sources. Such means of collection include:
- When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys, questionnaires and the like;
- If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices; and
- Through cookies, web beacons, website analytics services and other tracking technology (collectively, “Tracking Tools”), as described below.
- Tracking Tools
Wildflower Health may use “cookies” to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. One of the primary purposes of cookies is to provide convenience features to save you time. For example, if you personalize a web page, or navigate within a site, a cookie helps the site to recall your specific information on subsequent visits.
4.2. Use of Web Beacons or GIF Files
Wildflower Health’s websites or mobile sites may contain electronic images know as web beacons – sometimes also called single-pixel gifs – that allow us to count users who have visited the Application or website to deliver services. We may also include web beacons in promotional email messages or newsletters in order to determine whether messages have been opened and acted upon.
4.3. Options for Opting out of Cookies and Mobile Device Identifiers
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Wildflower Health services or websites you visit.
You have the right, at any time, to review and/or modify any of your personal information that you provided during registration, or any other voluntarily provided information. We respect your privacy and give you an opportunity to opt-out of receiving announcements of certain information. Users may opt-out of receiving any or all communications from Wildflower Health by contacting us at email@example.com. To protect your confidentiality, we can only send a requested profile to the email address listed in the profile. In any event, for legal compliance purposes, we may retain information about you in a legal archive until such time as we no longer have legal obligations for such information. Our back-up files will maintain copies of your personal information until we complete normal operational overwriting of such files, but no longer than 90 days from the date your information was removed from our primary files pursuant to your request. We reserve the right to contact former users from time to time.
- Use and Disclosure of Personal Information
Wildflower Health may keep track of the screens, views, and actions that our users take when they use the Services in order to determine what Wildflower Health services are the most popular. This data is used to deliver customized content within the Services to users whose behavior indicates that they are interested in a particular subject area.
In addition, we also use information, including Personal Information, to provide the Services and to help improve the Services. Such use may include:
- Providing you with the products, services and information you request;
- Contacting you when necessary or requested, including to remind you of an upcoming appointment;
- Using statistical information that we may collect as permitted by law, including from third parties in connection with their commercial and marketing efforts; and
- Fulfilling our legally required obligations, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
- Disclosure of Personal Information
In certain circumstances, and in order to perform the Services, we may disclose certain information that we collect from you:
- We may share your Personal Information with Healthcare Providers with whom you choose to schedule through the Services.
- Provided that you choose to use the applicable Services, we may share your Personal Information with your Healthcare Providers.
- If you are accessing this Application as a benefit provided by your insurance provider and/or employer, we may share your Personal Information with the insurance provider and/or the employer you identify to us (and via our partners) to determine eligibility and cost-sharing obligations, to monitor usage of the Application, and otherwise obtain benefit plan information on your behalf.
In addition, we may also disclose your Personal Information to the extent necessary or appropriate to government agencies, advisors and other third parties in order to comply with applicable laws, the service of legal process, or if we reasonably believe such action is necessary to: (i) respond to a court order or request from a federal or state regulatory authority or to comply with any law or regulation requiring such disclosure; (ii) protect and defend the rights or property of Wildflower Health; (iii) prevent or aid in the investigation of a crime or protect national security; or (iv) act under exigent circumstances to protect the personal safety of users of Wildflower Health, or the public).
We may also disclose your Personal Information in connection with an audit of our books and records, a merger, reorganization, dissolution, liquidation, or sale of some or all of our assets, stock or business.
When we create, collect, receive, maintain or transmit PHI we do so under “business associate” agreements with our “covered entity” clients that require us to comply with HIPAA in doing so.
We do not sell, rent or lease our customer lists to third parties.
- Security of Personal Information
Wildflower Health secures your Personal Information from unauthorized access, use or disclosure through physical, administrative and reasonable technological measures. Although we will use reasonable efforts to safeguard the privacy of your Personal Information, transmissions over the Internet cannot be made absolutely secure. Wildflower Health assumes no responsibility or liability for disclosure of any of your Personal Information due to errors in transmission, unauthorized third-party access or other causes beyond our reasonable control.
- Public Information
You agree that any information that you may reveal in a review posting or online discussion or forum is intentionally open to the public and is not in any way private. What you have written may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict.
- Children Under Thirteen
Wildflower Health does not knowingly collect Personal Information from children under the age of 13. If you are under the age of 13, you must ask your parent or guardian for permission to use the Services. If we become aware that a user under the age of 13 has registered or is attempting to register, we will notify the user that the user is not eligible for registration. We will then expunge any related Personal Information from our records.
If you are a parent or legal guardian of a minor child, you may use the Services on behalf of such minor child. Any information that you provide while using the Services on behalf of your minor child will be treated as Personal Information as described herein.
- Changes to this Policy
- Security Breach and Identity Theft
The Services rely on the Internet and mobile networks, which are not always secure. We work hard to protect Wildflower Health and our users from data breaches, but we cannot assure that the use of the Services are secure. In the event we become aware of a security incident, we will notify you as required under applicable law.
Wildflower Health will not, at any time, request credit card information, login information, or any identification numbers in a non-secure or unsolicited email or telephone communication. You can learn more about how to prevent identity theft at www.ftc.gov.
- Residents of European Union
The information collected by Wildflower Health or its affiliates in providing the Services may constitute “personal data” under the terms of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 and/or other laws of the EU’s member states.
You have the right to object to certain purposes for processing your personal data. You can exercise these rights by contacting us:
Wildflower Health, Inc.
Attn. Nicole Harper
220 Halleck Street, Suite G100
San Francisco, CA 94129
- California Privacy Rights
California Civil Code Section 1798.83 permits users of the Services who are California residents to request certain information regarding Wildflower Health’s disclosure of personally identifiable information to third parties for their direct marketing purposes. To make such a request, please write to us at: firstname.lastname@example.org
Wildflower Health does not serve advertising on the Services.
- Contact Information