Protecting your privacy is important to HealthArc, LLC. (“HealthArc,” the “Company”, “us” or “we”). This policy describes how the Company may use your data.
HealthArc LLC.(“HealthArc”, “we”, “us”, or “our”) operates the Healtharc.io website and HealthArc mobile and web applications to provide healthcare professionals with software solutions for Remote Patient Monitoring.
Data controller (or HCP, healthcare professional including supporting staff) means the natural or legal person who determines the purpose and the means of the processing of the Personal data;
Data processor (or Healtharc including subcontractors) means the natural or legal person processing the Personal data on behalf of the Data Controller;
Data subject (or User) means the physical person of which the Personal data has been collected pursuant to the Services;
Health data means data related to the physical and/or mental health of a natural person, including the provision of health care services, which reveal information about that natural subject;
Personal data means any information (including Health data) related to an identifiable natural individual and collected pursuant to the Services;
Services means the Healtharc website and all apps and software operated by Healtharc;
1. Why we collect your information:
We collect, use, disclose and process Personal data to provide you with the Services and to improve your user experience and technical support. Healtharc may use your Personal data to contact and correspond with you, to respond to your inquiries; to track communications with you; to perform safety backups of your Personal data; to assist you or your healthcare professional in tracking your Health Data; to generate global statistics (anonymized data will be used for this purpose); to help the Company develop new services and software features that meet your needs and to improve the Software.
2. What information we collect:
We collect Personal data from you in several different ways when you interact with our Services such as:
- Active Personal data collection: You actively send information to us when you sign-up as a member of the Services, respond to us or otherwise contact us. Depending on your choices, you may send us Personal data about yourself and/or others such as your email address, name, mailing address, phone number, birthday, and gender, or healthcare portal access key. At all times, you determine what information you want to actively share with us.
- Health Data Processing:If you are using the Services in the course of your medical treatment by a healthcare professional, you may actively send your Health Data throughout our Services to your healthcare professional. Healtharc shall only act as a Data processor relating to your Health Data.
- Passive Information Collection: We also collect information about how you use and interact with our Services. The collected information includes your IP address, the pages you visit within our Services, the date and time when you visit the website, the URL that referred you to our services, the device that you use to visit the website, and the device used when operating the app. We also collect usage information, such as which feature you are using, for how long and when, and demographic information, such as your gender and age, which we may prompt you for. The data collected does not identify you and is used to improve our Services’ performance and appearance through your account connection.
Necessary collection, use and disclosure:
Healtharc shall collect and use your Personal data only to the extent that is necessary to provide the Services and will not use your Personal data for purposes other than those why your Personal data was initially collected.
We keep your Personal data secured, encrypted and confidential and we do not disclose it, but note the following clarifications and exceptions:
- Law enforcement: We may share your Personal data to respond to law enforcement requests, court orders or other legal process or if we believe that such disclosure is necessary to investigate, prevent or respond to illegal activities, fraud, physical threats to you or others or as otherwise required by any applicable law or regulation.
- Bluetooth devices: At the user’s discretion, the Services may be connected by Bluetooth technology to health measuring devices. The manufacturers of these devices have elected to use Bluetooth LE (low energy) communication as a means of providing a “real-time” experience to users allowing immediate retrieval of data from their devices. The Services does not use Bluetooth for any other purpose. If you do not wish to have your Personal data transmitted by Bluetooth you may disable Bluetooth on your smartphone or similar device in the settings application for that device, or you may simply not connect (or disconnect if you have already connected) the devices that require Bluetooth on the Software.
- Aggregated Statistics and Reports: We freely use and disclose data in anonymous form, for example, in statistics or reports.
- Our employees and authorized independent contractors (“Authorized personnel”): Authorized personnel may have access to your Personal data for the purpose of helping us administer and run our Services (and not for their own, independent purposes, unless you consent to such use). Authorized personnel access and use such Personal data in accordance with our instructions, on a “need to know” basis, and under defined strict confidentiality and security obligations.
- Express consent: Healtharc shall also disclose your Personal data at your express request.
5. Personal data Hosting and Storing:
Except for non-identifiable and anonymized information which Healtharc may store in perpetuity and in any reasonable location, Healtharc shall host and store your Personal data for a maximum of 12 months after you delete your account, ask for the deletion of your account or have your account deleted by your healthcare professional. After such period, Healtharc may delete your stored Personal data, with respect to the applicable laws.
Your Personal data may be stored in locations outside of your state or country with respect to the applicable regional laws, such as, but not limited to, the General Data Protection Regulation of the European Union, the HIPAA of the United States of America and the Personal Information Protection and Electronic Documents Act of Canada.
6. Access and Update:
You have the right to access and obtain copies of your Personal data. You also have the right to update, rectify and correct any Personal data that you believe is inaccurate or incomplete. To do so, please contact our Privacy officer at email@example.com
7. Withdrawal of consent and Opt-out:
8. Generally not suitable for children under the age of :
Healtharc Services are not intended for children under the age of 13. We do not knowingly collect Personal data via the Services from users in this age group. We do, however, collect information about children and babies provided by the parents or legal guardians of such children or babies. We ask our Services’ users not to provide information about any baby or child without first getting their parents’ or legal guardians’ consent. By providing Personal data regarding any baby or child, you are affirming that you are legally authorized to do so. We encourage parents and legal guardians to talk to their children about their use of the Internet and the information they disclose pursuant to the Services.
In the event that the Services have been used by a child under the age of 13 to store information of that child without parental consent, Healtharc shall be and is authorized to delete, in its entirety, any of the information stored. Healtharc also reserves the right to revoke any license to use the Services which is being used by a child under the age of 13.
As we also do not intentionally collect or maintain information in the Services from those visitors and Users of the Services who are under 18 years old.
9. Third-Party Programs:
Healtharc uses commercially reasonable and appropriate physical, electronic, and managerial procedures to safeguard and secure the Personal data we collect. However, Healtharc can’t fully eliminate security and/or privacy risks associated with Personal data created, stored or transferred using the internet and internet technologies.
Healtharc, as the Data processor, shall not be liable for any breach, unauthorized disclosure or unlawful use of your Personal data or Health data that was, at the time of the breach, under the control of your healthcare professional.
11. Electronic communications (E-mails):
Your email address may be used to send you Electronic Communications from time to time. At any time, you may ask us to stop sending you Electronic Communications by contacting firstname.lastname@example.org or using the unsubscribe clickable mechanisms provided at the bottom of such communication.
13. End User License Agreements:
The End User License Agreement, available at http://22.214.171.124/webapp/terms-of-use and governing your use of the Services (and which may be viewed from the info page of the software) contains important provisions disclaiming and excluding the liability of Healtharc and others in relation to your use of the Services, and provisions determining the applicable law and exclusive jurisdiction for the resolution of any disputes regarding your use of the Services. Each of those provisions also applies to any disputes that may arise in relation to this Policy and the collection, use and disclosure of your Personal data, and are of the same force and effect as if they had been reproduced directly in this Policy.
14. Do Not Track :
While many current browsers permit you to send a signal to us about your Do Not Track (“DNT”) preferences, we do not respond or support DNT signals sent from your browser.
15. Access, Comments, and Questions