Effective Date: July 15, 2020
I. COLLECTION OF INFORMATION
We may collect the following kinds of information when you use the Services:
Information you provide directly to us. For certain activities, such as when you register, use our health services, subscribe to our alerts, or contact us directly, we may collect some or all of the following types of information:
Information we collect automatically. We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, information about the links you click and pages you view within the Services, and other standard server log information. We may also collect certain location information when you use our Services, such as your computer’s IP address, your mobile device’s GPS signal, or information about nearby WiFi access points.
We may also collect technical data to address and fix technical problems and improve our Services.
Information we obtain from your health care providers and other sources. In connection with the Services, we may collect medical and health information from you or your health care providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness. Possible Health is not a “covered entity” under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, and its related regulations and amendments from time to time(collectively, “HIPAA”), but health care providers involved in the delivery of the Services may be “covered entities” under HIPAA, and we may in some cases be a “business associate” of a health care provider. HIPAA does not necessarily apply to us or to a provider due to the mere fact that health information is involved in our interactions, and HIPAA may not apply to your transactions or communications with us or the providers. Any medical or health information that you provide that is subject to specific protections under applicable state laws (collectively, with “protected health information,” as defined under HIPAA), will be used and disclosed only in accordance with such applicable laws.
II. USE OF INFORMATION
We generally use the information we collect online to:
III. SHARING OF INFORMATION
We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.
If you choose to engage in public activities on the Site or third-party sites that we link to, you should be aware that any information you share there can be read, collected, or used by other users. You should use caution in disclosing personal information while participating in these areas. We are not responsible for the information you choose to submit in these public areas.
Hey Jane Health members have the right to request that Hey Jane Health restrict the use or disclosure of health information for certain aspects of treatment, payment, or health care operations. Please submit a form to request that Hey Jane Health restrict the use or disclosure of health information.
We use reasonable measures to help protect information from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.
Hey Jane strives to ensure that data breaches are responded to in an appropriate fashion, in accordance with the HIPAA breach notification rule and other applicable law. Individuals have the right to provide feedback on Hey Jane's compliance with the HIPAA Privacy Rule and its HIPAA privacy policies and procedures (“Privacy Complaints”). Individuals also have the right to provide feedback on the organization’s breach notification process and compliance with the Breach Notification Rule.
To provide feedback on Hey Jane's HIPAA privacy policies and procedures, submit a feedback form.
V. CALIFORNIA RESIDENTS
Under the California Consumer Privacy Act (“CCPA”), California residents have certain rights regarding their personal information. If you would like to exercise these rights, please contact us using the email address, toll-free phone number, or physical mailing address, or other mechanism listed within the “Contact Information” section below. For your own privacy and security we may require you to prove your identity before providing the requested information, as provided for by the CCPA. We will respond within the requirements of the CCPA.
This Policy describes the personal information we collect from you and the purposes for doing so. Please see Sections I, II and III above. The CCPA grants you specific rights, including the following:
Upon a verifiable request, made through one of the methods provided within the “Contact Information” section below, we will disclose to you the items listed below, one or more of which may be provided by this Policy:
The categories of personal information we have collected about you.
The categories of sources from which the personal information was collected.
The business purpose behind collecting the personal information.
The categories of third parties with whom we have shared the information.
The specific pieces of personal information we have collected about you.
The right to request deletion: upon a verifiable request, made through the “Contact Information” section below, we will delete personal information we have regarding you and direct our service providers to delete your personal information from their records, to the extent provided by the CCPA.
The right to be free from discrimination: we will not discriminate against you for exercising any of your rights under the CCPA.
If you are a job applicant, you may provide certain personal information to us, including email address, phone number, name, SSN and government issued identification numbers.
What We May Need From You
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to facilitate our response.
Time Limit to Respond
We will respond to all legitimate requests within forty-five days, or as required by the CCPA.
VI. THIRD-PARTY ADVERTISING, LINKS, AND CONTENT
To opt out of interest-based advertising across browsers and devices from companies that participate in the Digital Advertising Alliance or Network Advertising Initiative opt-out programs, please visit their respective websites. You may also be able to opt out of interest-based advertising through the settings within the mobile app or your mobile device, but your opt-out choice may apply only to the browser or device you are using when you opt out, so you should opt out on each of your browsers and devices if you want to disable all cross-device linking for interest-based advertising. If you opt out, you will still receive ads but they may not be as relevant to you and your interests.
We do not knowingly allow individuals under the age of 18 to create accounts that allow access to our Services.
X. CONTACT INFORMATION