GATHERING, USE AND DISCLOSURE OF NON-PERSONALLY-IDENTIFYING INFORMATION
Users of the Website Generally
“Non-Personally-Identifying Information” is information that, without the aid of additional information, cannot be directly associated with a specific person. “Personally-Identifying Information,” by contrast, is information such as a name or email address that, without more, can be directly associated with a specific person. Like most website operators, Company gathers from users of the Website Non-Personally-Identifying Information of the sort that Web browsers, depending on their settings, may make available. That information includes the user’s Internet Protocol (IP) address, operating system, browser type and the locations of the websites the user views right before arriving at, while navigating and immediately after leaving the Website. Although such information is not Personally-Identifying Information, it may be possible for Company to determine from an IP address a user’s Internet service provider and the geographic location of the visitor’s point of connectivity as well as other statistical usage data. Company analyzes Non-Personally-Identifying Information gathered from users of the Website to help Company better understand how the Website is being used. By identifying patterns and trends in usage, Company is able to better design the Website to improve users’ experiences, both in terms of content and ease of use.
From time to time, Company may also release the Non-Personally-Identifying Information gathered from Website users in the aggregate, such as by publishing a report on trends in the usage of the Website.
We may use third-party advertising companies to serve ads when you visit the Website. These companies may use information (not including any Personally-Identifying Information) about your visits to the Website and other websites that are contained in Web Cookies in order to provide advertisements about goods and services of interest to you. Using a tool created by the Network Advertising Initiative, you can opt out of several third-party ad servers’ and networks’ Web Cookies simultaneously. If you would like more information about this practice and to know your choices about not having this information used by these companies, please follow the instructions and links here:http://www.networkadvertising.org/choices/
, or http://www.aboutads.info/choices. Please contact us if you would like to know the identity of the third-party advertising companies we are currently using to serve ads.
We may allow advertisers to choose the characteristics of users who will see their advertisements, and we may use any of the Non-Personally Identifying Information we have collected (including information you may have decided not to show to other users, such as your birth year or other sensitive personal information or preferences) to select the appropriate audience for those advertisements. We do not identify you to the advertiser.
A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the user and allows website operators to check whether a user has viewed a particular web page or an email. Company may use Web Beacons on the Website and in emails to count users who have visited particular pages, viewed emails and to deliver co-branded services. Web Beacons are not used to access users’ Personally-Identifying Information. They are a technique Company may use to compile aggregated statistics about Website usage. Web Beacons collect only a limited set of information, including a Web Cookie number, time and date of a page or email view and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons. However, they can be rendered ineffective by declining all Web Cookies or modifying your browser setting to notify you each time a Web Cookie is tendered, permitting you to accept or decline Web Cookies on an individual basis.
We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize and serve ads based on your past activity on the Website, including Google Analytics for Display Advertising. The information collected may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser (https://tools.google.com/dlpage/gaoptout
) and/or opt out from Google Analytics for Display Advertising or the Google Display Network by using Google’s Ads help (https://support.google.com/ad/answer/262922?hl=en
Aggregated and Non-Personally-Identifying Information
We may share aggregated and Non-Personally Identifying Information we collect under any of the above circumstances. We may also share it with third parties and our affiliate companies to develop and deliver targeted advertising on the Website and on websites of third parties. We may combine Non-Personally Identifying Information we collect with additional Non-Personally Identifying Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to the Website and the most popular features or services accessed. This information does not contain any Personally-Identifying Information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.
In addition, Company may make use of de-identified information in accordance with applicable privacy law.
Mobile Device Additional Terms
- Mobile Device. If you use a mobile device to access the Website or download any of our applications, we may collect device information (such as your mobile device ID, model and manufacturer), operating system, version information and IP address.
- Geo-Location Information. Unless we have received your prior consent, we do not access or track any location-based information from your mobile device at any time while downloading or using our mobile application or our services, except that it may be possible for Company to determine from an IP address the geographic location of your point of connectivity, in which case we may gather and use such general location data.
- Push Notifications. We send you push notifications if you choose to receive them, letting you know when someone has sent you a message or for other service-related matters. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s settings.
- Mobile Analytics. We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information, such as how often you use the application, the events that occur within the application, aggregated usage, performance data and where the application was downloaded from. We do not link the information we store within the analytics software to any Personally-Identifying Information you submit within the mobile application.
We may provide you the option to connect your account on the Website to your account on some social networking sites for the purpose of logging in, uploading information or enabling certain features on the Website. When logging in using your social network credentials, we may collect the Personally-Identifying Information you have made publicly available on the social networking site, such as your name, profile picture, cover photo, username, gender, friends network, age range, locale, friend list and any other information you have made public. Once connected, other users may also be able to see information about your social network, such as the size of your network and your friends, including common friends. By connecting your account on the Website to your account on any social networking site, you hereby consent to the continuous release of information about you to us. We will not send any of your account information to the connected social networking site without first disclosing that to you. Each social network may further allow you to set privacy controls around your information on their system, and our collection of information will always follow such controls and permissions. This feature is subject to continuous change and improvement by us and each social networking site involved, and therefore the available features and shared information are subject to change without notice to you.
We may use hyperlinks on the Website which will redirect you to a social network if you click on the respective link. However, when you click on a social plug-in, such as Facebook’s “Like” button, Twitter’s “tweet” button or the Google+, that particular social network’s plugin will be activated and your browser will directly connect to that provider’s servers. If you do not use these buttons, none of your data will be sent to the respective social network’s plugin provider. So for example, when you click on the Facebook’s “Like” button on the Website, Facebook will receive your IP address, the browser version and screen resolution, and the operating system of the device you have used to access the Website. Settings regarding privacy protection can be found on the websites of these social networks and are not within our control.
COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION
As defined above, Personally-Identifying Information is information that can be directly associated with a specific person. Company may collect a range of Personally-Identifying Information from and about Website users. Much of the Personally-Identifying Information collected by Company about users is information provided by users themselves when (1) registering for our service, (2) logging in with social network credentials, (3) participating in polls, contests, surveys or other features of our service, or responding to offers or advertisements, (4) communicating with us, (5) creating a public profile or (6) signing up to receive newsletters. That information may include each user’s name, address, email address and telephone number, and, if you transact business with us, financial information such as your payment method (valid credit card number, type, expiration date or other financial information). We also may request information about your interests and activities, your gender, age, date of birth, username, hometown and other demographic or relevant information as determined by Company from time to time. Users of the Website are under no obligation to provide Company with Personally-Identifying Information of any kind, with the caveat that a user’s refusal to do so may prevent the user from using certain Website features.
BY REGISTERING WITH OR USING THE WEBSITE, YOU CONSENT TO THE USE AND DISCLOSURE OF YOUR PERSONALLY-IDENTIFYING INFORMATION AS DESCRIBED IN THIS “COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION” SECTION.
We may occasionally use your name and email address to send you notifications regarding new services offered by the Website that we think you may find valuable. We may also send you service-related announcements from time to time through the general operation of the service. Generally, you may opt out of such emails at the time of registration or through your account settings, though we reserve the right to send you notices about your account, such as service announcements and administrative messages, even if you opt out of all voluntary email notifications.
Company will disclose Personally-Identifying Information under the following circumstances:
- Marketing Communications. Unless users opt-out from receiving Company marketing materials upon registration, Company may email users about products and services that Company believes may be of interest to them. If you wish to opt-out of receiving marketing materials from Company, you may do so by following the unsubscribe link in the email communications, by going to your account settings (if applicable) or contacting us using the contact information below.
- Third-Party Marketing Communications. Unless users opt-out from receiving marketing materials upon registration, Company may provide users’ email information to third parties, so that those third parties may directly contact them about additional products and services. To cease having your email information provided to third parties, you may do so by going to your account settings (if applicable) or contacting us using the contact information below. Even after opting-out, you may continue to receive marketing emails from third parties to whom Company already has provided your email information. You will be responsible for directly contacting such third parties to request cessation of further marketing emails.
- Third-Party Service Providers. We may share your Personally-Identifying Information, which may include your name and contact information (including email address) with our authorized service providers that perform certain services on our behalf. These services may include fulfilling orders, providing customer service and marketing assistance, performing business and sales analysis, supporting the Website’s functionality and supporting contests, sweepstakes, surveys and other features offered through the Website. We may also share your name, contact information and credit card information with our authorized service providers who process credit card payments. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purpose.
- Employees, Contractors, and Consultants. Some Company employees and operations contractors, and consultants may have limited access to your Personal Information in the course of providing services to you, including for the purpose of troubleshooting problems and/or resolving complaints. These contractors include vendors and suppliers that provide us with technology, services, and/or content for the operation and maintenance of the Website. Access to your Personal Information is limited to the information reasonably necessary for the employee or contractor to perform the function needed to resolve the issue or to provide or improve the service.
Changing Personally-Identifying Information; Account Termination
Children’s Personally Identifiable Information
The features, programs, promotions and other aspects of our service requiring the submission of personally identifiable information are not intended for anyone under 13 years of age. We do not knowingly collect personally identifiable information from children under the age of 13 other than minor children receiving the service through registration by their parent or legal guardian. If you are under 13 then you may not use or access our website or services at any time or in any manner. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed personally identifiable information to us please contact us at email@example.com. A parent or guardian of a child under the age of 13 may review and request deletion of such child’s personally identifiable information as well as prohibit the use thereof.
MEDICAL DATA AND RESEARCH
BY USING OUR TECHNOLOGY and WEBSITE, YOU ALSO ACKNOWLEDGE RECEIPT OF THE NOTICE OF PRIVACY PRACTICES OF THE HEALTH CARE PROVIDER THAT YOU ENGAGE THROUGH OUR WEBSITE. Providers accessible through the Service are employed by or contract independently with a professional corporation or other professional entity (” Provider Group “), which is affiliated with Enara Health Inc.
In addition to the information described above in this Policy, you may provide us with and we may collect your personal information from you when you (i) post User Content; (ii) interact with Providers or your Customer Relations Specialists ; and/or (iii) provide us or have others provide us on your behalf, either via a request for information form or otherwise, with your health information such as information or records relating to your medical or health history, health status and laboratory testing results, diagnostic images, and other health-related information.
In addition to the uses we described above, we may use your information to:
Send you communications on behalf of the Providers and to facilitate the provision of health care services to you by the Providers;
Invite you to participate in IRB-approved research studies performed by Enara Health In.. This research may be sponsored by, on behalf of, or in collaboration with third parties, such as academic institutions, nonprofit organizations, and pharmaceutical companies. If you agree to participate in such a study, we will use the information we receive for the purposes of the study and share it with study sponsors and collaborators. To participate in such a study, you will need to agree to an IRB-approved consent form that Enara Health provides to you. The consent form will provide additional, detailed information about the study. If you have not provided your express consent to participate in Enara’s IRB-approved research studies, Enara will not use your information provided through the Service for such IRB-approved studies. Enara will, however, use the information for other research purposes as described in this Policy
Enara Health Inc reserves the right to use de-identified data (i.e data that can not be traced back to you) for IRB exempt research and to develop intellectual property, including but not limited to patents, copyrights and trademarks, and/or may commercialize products or services, directly or indirectly.
Protected Health Information, HIPAA and Communications . Some of the information you submit or that is created through your use of the Service may constitute “protected health information” (” PHI “) as defined by the Health Insurance Portability and Accountability Act (” HIPAA “). PHI does not include information that has been de-identified in accordance with HIPAA. Even though Enara is not a “covered entity” as defined by HIPAA, Provider and/or a Provider Group may be a “covered entity” and therefore a Provider, Provider Group and/or Enara Health Inc may be subject to certain requirements under HIPAA. As a result, Provider Group has adopted a HIPAA Notice of Privacy Practices (the ” Notice of Privacy Practices “) to describe how Provider Group and the Providers use and disclose your PHI. In connection with certain services we provide to or on behalf of the Provider Group and/or the Providers, Provider Group has requested that we disseminate to you the Notice of Privacy Practices of Provider Group and the Providers. Enara may be a “business associate” of Provider Group or a Provider under HIPAA, and as a result, as and to the extent Enara is in fact a “business associate” of Provider Group or the Provider(s) under HIPAA, Enara’s use and disclosure of PHI will be limited as and to the extent required by HIPAA, which may include, for example, providing you with certain communications via emails, text messages or in app messages that contain PHI, such as appointment reminders, encouragement, and advice. If you would prefer not to exchange PHI via email or text message, please notify us at firstname.lastname@example.org. You may also request we update, correct, or delete your PHI by contacting us at email@example.com ; provided however, that we may retain any PHI that we are required to maintain in accordance with HIPAA. Any information that does not constitute PHI may be used or disclosed in any manner permitted under this Policy.
One of Enara Health’s missions is to make and support meaningful scientific discoveries by using customer data to derive key treatment insights. For example, we may use key data to help us predict treatment outcomes which would benefit you as well as future patients. These findings are likely to be published in key scientific journals. Enara Health Inc reserves the right to use de-identified data (i.e data that can not be traced back to you) for IRB exempt research. For IRB non-exempt research, we will ask you to sign an authorization agreeing to let Enara Group researchers use your health data (including but not limited to self-reported data, vitals, medications, outcomes, genetics, and demographics). Discoveries made as a result of this research could be used to understand the basic causes of disease, develop drugs or other treatments and/or preventive measures, or predict a person’s risk of disease.
Based on the results of the studies, Enara may develop intellectual property, including but not limited to patents, copyrights and trademarks, and/or may commercialize products or services, directly or indirectly. In such cases you will not receive any compensation.
Your data will never be sold to third parties but some studies that Enara researchers conduct maybe sponsored by or conducted on behalf of third parties, such as non-profit foundations, academic institutions or pharmaceutical companies.
Enara uses a range of physical, technical, and administrative procedures to protect the privacy of your personal information, including your genetic data and your survey responses. Enara researchers who conduct the statistical analyses do not have access to Registration Information (name, address, email address, user ID, password, or credit card) of customers. To minimize the chance that an external person can determine that any particular customer is part of a study, Enara researchers either publish only data pooled across multiple customers or publish only very limited, non-identifying information of a smaller pool of patients.
COLLECTION AND USE OF INFORMATION BY THIRD PARTIES GENERALLY
We take the security of your Personally-Identifying Information seriously and use reasonable electronic, personnel and physical measures to protect it from loss, theft, alteration or misuse. However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorized persons will view your information. We are not responsible for third-party circumvention of any privacy settings or security measures.
We are dedicated to protect all information on the Website as is necessary. However, you are responsible for maintaining the confidentiality of your Personally-Identifying Information by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately.
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, at least once a year and free of charge, information about the Personally-Identifying Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of the Personally-Identifying Information that was shared and the names and addresses of all third parties with which we shared Personally-Identifying Information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed below.
Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. The Website does currently respond to DNT browser signals or mechanisms.
Enara Health, Inc.
Attn: Privacy Officer
3050 S Delaware St Ste 130, San Mateo, CA 94402
Last updated on 10/25/2019
© Enara Health, Inc., a Delaware corporation – All Rights Reserved