July 5, 2023
Information We CollectWe generally collect the following information:
- Information you share directly with us. We collect and process your information when you use the Application to request a Visit, create an account, login to the account, complete surveys, comment on articles, use messaging features, synchronize the Application with other third-parties and contact our support team. This information can generally be categorized as Registration Information, Self-Reported Information, and/or User Content.
How We Use InformationWe generally process Personal Information, for the following reasons:
- To provide our Services. We process Personal Information in order to provide our Services, which includes the creation of customer accounts and authenticating logins, communication with you, facilitating communications (including requests for Visits), providing users with access to their health information, processing payments, and billing users’ insurance carriers.
- To analyze and improve our Services. We constantly work to improve and provide new tools and Services. For example, we are constantly working to improve our Application. We may also need to fix bugs or issues, analyze use of our website or Application to improve the customer experience or assess our marketing campaigns.
- When you give us your consent to do so, including if we notify you on our Application that the information you provide will be shared in a particular manner and you provide such information.
- To your treating Health Care Professionals.
- To third party payors who are financially responsible, or are reasonably believed to be financially responsible, for the Services.
- With contracted vendors, contractors, consultants, and other service providers who are working on our behalf and who require access to your information to carry out their work for us.
- We have adopted commercially reasonable information security policies and practices to help protect your information, but please note that no method of transmitting or storing electronic data is ever completely secure.
- For the purposes for which you specifically provided it including, without limitation, to enable us to process your registration, provide the Services or other requests.
- To transmit a request for a Visit per your request.
- To send you information about your relationship or transactions with us.
- To notify you about our products, services, and special offers, except that we will not use PHI for marketing purposes without your prior written consent.
- To otherwise contact you with information that we believe will be of interest to you.
- To enhance or develop features, products and services. To allow us to personalize the content that you and others see on the Application.
- To provide advertisers and other third parties with aggregate information about Application users and Application usage patterns.
- To allow other select companies to send you promotional materials about their products and services, provided that no PHI will be used for this purpose without your prior written consent.
- With Affiliates: We may share your information with affiliated companies and businesses, provided that your PHI will not be shared for any marketing purposes without your prior written consent, in accordance with applicable law.
- With Service Providers: We may use other companies to perform services including, without limitation, facilitating some aspects of our Application such as processing credit card transactions, sending emails, fulfilling purchase requests, and data analysis on our behalf. These other companies may be supplied with or have access to your information solely for the purpose of providing these services to you on our behalf. Such service providers shall be bound by appropriate confidentiality and security obligations, which may include, as applicable, business associate contract obligations.
- With Business Partners: When you make purchases or engage in promotions offered through our Application, we may share PII, but not your PHI, with the businesses with which we partner to offer you those products, services, and promotions. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.
- In response to a subpoena or similar investigative demand, a court order, or other request from a law enforcement or government agency where required by applicable law.
- When disclosure is required or allowed by law in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of Heal, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce the Application’s terms and conditions or other agreements or policies.
- In connection with a corporate transaction, such as the sale of all or a portion of our business, a divestiture, merger, consolidation, or asset sale, or in the event of bankruptcy, as required or allowed by law.
- Identifiers (e.g. name, postal address, online identifier, Internet Protocol address, email address, account name, passport number, or other similar identifiers)
- Personal information categories listed in the California Customer Records statute, Cal. Civ. Code 1798.80(e) (e.g., Social Security number, physical characteristics or description, education, employment, employment history, financial information)
- Protected classification characteristics under California or federal law (e.g. age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, health condition, physical or mental disability, sex, sexual orientation, veteran or military status, genetic information)
- Commercial information (e.g. records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)
- Biometric information (e.g., genetic, behavioral, and biological characteristics or activity patterns, such as fingerprints or retina scans)
- Internet or other similar network activity (e.g., browsing history, search history)
- Geolocation data (e.g., physical location or movements)
- Sensory data (e.g., audio, electronic, visual, thermal, or similar information)
- Professional or employment-related information (e.g., current or past job history)
- Non-public education information pursuant to FERPA (e.g., educational records maintained by an educational institution)
- Inferences drawn from other personal information (e.g., profile reflecting a person’s preferences, characteristics, trends, behavior)
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- The business or commercial purpose for collecting your personal information;
- The categories of third parties with whom we have shared your personal information; and
- The specific pieces of personal information we have collected about you.
- Complete your transaction;
- Provide you with the Services;
- Perform a contract between us and you;
- Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, and prosecute those responsible for such activities;
- Fix our system in the case of a bug;
- Protect the free speech rights, including the free speech rights of you or other users, or exercise another right provided by law;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws;
- Comply with a legal obligation; or
- Make other internal and lawful uses of the information that are compatible with the context in which you provided it.