datosX
PRIVACY POLICY
Last Updated: 07/26/2024
This Privacy Policy describes how information about you is collected, used, and disclosed by datosX Digital Health Labs, owned and operated by datosX and our subsidiaries and affiliated companies (collectively, “datosX” “we,” or “us”) collect, use, and disclose information about you. At datosX, we believe that your personally identifiable data belongs to you, and your privacy is our priority.
This Privacy Policy applies to information we collect when you access or use our mobile applications and other online products and services, (collectively, our “Service”), or when you otherwise interact with us, such as through our customer support channels. By using our Service, you acknowledge and agree to the practices and policies outlined in this Privacy Policy.
Our Service is not intended for use by individuals under the age of eighteen (18). If you are under the age of eighteen (18), please do not provide any information to us or otherwise use our Service.
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Privacy Policy. We may also provide you with additional notice (such as by adding a statement to the Service or sending you a notification), such as in connection with making material changes to this Privacy Policy. We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.
CONTENTS
SOURCES OF INFORMATION
There are several ways we may obtain information about you. datosX collects information from you (a) that you choose to share with us when you sign up for or are using our Services and when you otherwise interact with us, such through our customer service channels, (b) that we collect automatically when you use our Services, (c) when you view our website; and (d) that we receive from third parties.
We collect information from you directly. We collect information when you use our Services or otherwise interact with us. This may include registering for an account with us, providing us with information regarding your patients/study participants, provide a review, or signing up for communications. We may collect additional information if you participate in any of our surveys.
We collect information automatically. We and our third-party service providers collect data about you using automated technology like cookies and pixels via our Services when you visit our website. We use these technologies to improve our Services and your experience, see which areas and features of our Services are popular, and count visits.
Cookies
Most web browsers are set to accept cookies by default. If you prefer, you can usually adjust your browser settings to remove or reject browser cookies. Please note that removing or rejecting cookies could affect the availability and functionality of our Service. For more information about cookies, please see All About Cookies.
We get information about you from other sources. We may collect information about you from our business partners. We do not provide health care, and we do not originate, edit, or modify your patients/study participants’ health care records in any way – we merely make them easy for you to obtain, store, and share with other providers and/or your patients/study participants, as needed. We may also acquire information from other sources to help us maintain the accuracy of the information we collect and for internal business analysis or other business purposes. This information includes data such as: corroborating and verifying your identity to ensure that we are only accessing or sharing the health care records of the right person.
Information We Collect
We collect various types of data about you from various sources, as described below.
- Identifiers: contact and account information. We may collect your name, email address, postal address, and phone number. We may also collect information you provide to create an account or profile.
- Demographic information. In order to provide the Services to you and ensure we are collecting and storing only your records to your account, we may collect information from or about you in order to prove or verify your identity. Examples may include your date of birth, age or age range, gender identity, and geographic location (e.g., ZIP Code.
- Healthcare information. In order to provide the Services, with your consent we will collect information regarding your designated patients/study participants’ treatment and other healthcare, vaccination records, and names of treating physicians and healthcare providers including medical record numbers and other unique identifiers.
- Commercial Information:
- Customer service and feedback. We may collect information from you when you request customer support or information from us, provide feedback or reviews about your experience with us or our products, or otherwise communicate with or contact us.
- Location Information: In accordance with your device permissions, we may collect or infer information about the location of your device based on your zip code or IP address.
- Internet or other electronic network activity information: We collect information about how you access our Service, including data about the device and network you use, such as your hardware model, operating system version, mobile network, IP address, unique device identifiers, browser type, and app version. We also collect information about your activity on our Service, such as login attempts, logout events, access times, pages and data viewed, links clicked, and the page you visited before navigating to our Service.
- any other information you choose to provide.
- data underlying any errors that may occur during your use of the Service.
USE OF INFORMATION
We use the information that we collect from you and about you to provide the Service and for a variety of business purposes, as follows:
- We use information to provide the Service. We primarily use information to provide the Service to you, including processing your registration, verifying your identity and obtaining information about your patients/study participants, and obtaining your designated patients/study participants’ health care records.
- We use information to communicate with you. We may use information to answer your questions and comments, including providing you with information about this Policy or our Terms of Service. We may also use information to provide you with customer service.
- We use information to improve our Services. We may use information to make our Services better.
- We use information to advertise new features or additional services offered by DatosX
- We use information to protect our company and others. We use information to identify fraud, and secure our Services and systems in an effort to protect you and our other customers.
- We use information for other lawful purposes or as we may disclose to you.
DISCLOSURE OF INFORMATION
- We may disclose information we collect from and about you as follows:
- We take the privacy and security of your medical information very seriously and share personal information (other than your patients/study participants’ “Protected Health Information” as such term is defined in Title 45 C.F.R. Section 106.103) that you enter into the Service only with individuals, entities, or organizations that you may designate (collectively, “Relying Parties”) for purposes of:
- obtaining access to your patients/study participants’ medical records;
- sharing your patients/study participants’ stored medical records with your direction and consent;
- other uses which you specify in the app
- We disclose information with service providers and other third parties we work with. We may disclose information with external companies who perform business, technical, professional, or marketing related services for us. Examples include identity verification services, customer service providers, email delivery services, and cloud infrastructure providers. This also includes companies that help us with fraud detection and Service operations. We may disclose information with data analytics vendors or market research companies. In some circumstances these entities may use your information for their own legitimate business purposes. This might include internal analytics but would not include marketing directly to you.
- We disclose information with any successor to all or part of our business. In the event that datosX or its assets are acquired by or merged with another company, we may disclose all categories of information as part of that transaction. This acquisition or merger may include part of our business or one of our brands. This may occur in the event of bankruptcy.
- We disclose information if we think we have to in order to comply with the law or to protect ourselves. For example, we may disclose all categories information to respond to a court order or subpoena. We will disclose information if a government agency or regulatory body requests it. This includes U.S. and non-U.S. law enforcement or regulatory authorities.
- We disclose aggregate or anonymous information. We may disclose aggregate, anonymous, or de-identified information that cannot reasonably be used to identify you or your patients/study participants for the purpose of delivering the Services.
- We disclose information as permitted by law and for other reasons we may describe to you.
We may combine the information we receive from and about you, including information you provide to us and information we automatically collect through our Services, as well as information collected offline, across other computers or devices that you may use, and from third party sources.
We will not share your information with any other individual without your consent, and do not permit others to create or access accounts for anyone else. Only you are permitted to sign into, view, request, access, and direct the sharing of your records – which is why we verify your identity each and every time you use the Service.
We do not use or disclose sensitive personal information for the purpose of inferring characteristics about you. We do not knowingly “share” or “sell” any personal information about you or your patients/study participants.
In limited circumstances, you may delegate your access to a third-party group acting on behalf of many patients/study participants. We will provide you with additional information regarding the delegation authorization if this applies to your situation.
ANALYTICS
We engage others to provide analytics services across the web and in mobile apps. These entities may use cookies, web beacons, device identifiers, and other technologies to collect information about your use of our Service and other websites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in mobile apps, links clicked, and conversion information. This information may be used by datosXand others to, among other things, analyze and track data, determine the popularity of certain content, and better understand your online activity.
DATA SECURITY AND RETENTION
We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of personal data. We maintain organizational, technical and administrative measures designed to protect personal data within our organization against unauthorized access, destruction, loss, alteration or misuse. Your personal data is only accessible to a limited number of personnel who need access to the information to perform their duties. No data transmission or storage system can be guaranteed to be 100% secure. If you believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us via the contact information in the Contact Us section of this policy.
We will retain your personal data as long as we are providing the Service to you. We retain personal data after we cease providing the Service directly to you to the extent necessary to comply with our legal and regulatory obligations, and for the purpose of fraud monitoring, detection and prevention. Where we retain data, we do so in accordance with obligations imposed by applicable law and under this Privacy Policy.
YOUR PRIVACY RIGHTS AND CHOICES
Account Information
You may review, update and correct certain account and other personal information previously disclosed to us by updating your account information in the Service or contacting us at info@datosxdhl.com. If you wish to delete your personal information, please contact us at info@datosxdhl.com but note that we may retain certain information as required by law or for our legitimate business purposes.
Cookies
Most web browsers are set to accept cookies by default. If you prefer, you can usually adjust your browser settings to remove or reject browser cookies. Please note that removing or rejecting cookies could affect the availability and functionality of our Service. For more information about cookies, please see All About Cookies.
Communications Preferences
You may opt out of receiving promotional emails from datosX by following the instructions in those communications or by contacting us at info@datosxdhl.com. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.
Mobile Push Notifications
With your permission, we may send push notifications to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.
STATE-LEVEL PRIVACY PROTECTIONS
Many U.S. states, including California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia have enacted consumer privacy laws that grant their residents certain rights and require additional disclosures (“State Laws”). As new State Laws are passed, we will extend necessary protections to our users. If you are a resident of one of these states, this section applies to you.
In the preceding 12 months, we have collected the following categories of personal information: identifiers, demographic information, commercial information, internet or other electronic network activity information, audio and visual data, and inferences. For details about the precise data points we collect and the sources of such collection, please see the “Information We Collect” section above.
We collect, use and disclose personal information for the business and commercial purposes described in the “Use of Information” section above.
In the preceding 12 months, we have made the disclosures to the following categories of recipients:
Categories of Personal Information | Categories of Recipients |
Identifiers, such as your contact and account information | Affiliates and subsidiaries, fraud prevention partners, data analytics providers, marketing partners, payment and financing processors, fulfillment partners, customer support partners, Internet service providers, operating systems and platforms, customer feedback platforms, and cloud service providers. |
Demographic information | Affiliates and subsidiaries, fraud prevention partners, data analytics providers, marketing partners, payment and financing processors, fulfillment partners, customer support partners, Internet service providers, operating systems and platforms, customer feedback platforms, and cloud service providers. |
Healthcare Information | Affiliates and subsidiaries, fraud prevention partners, data analytics providers, marketing partners, payment and financing processors, fulfillment partners, customer support partners, Internet service providers, operating systems and platforms, customer feedback platforms, and cloud service providers. |
Commercial information | Affiliates and subsidiaries, fraud prevention partners, data analytics providers, marketing partners, payment and financing processors, fulfillment partners, customer support partners, Internet service providers, operating systems and platforms, customer feedback platforms, and cloud service providers. |
Internet or other electronic network activity information | Affiliates and subsidiaries, fraud prevention partners, data analytics providers, marketing partners, payment and financing processors, fulfillment partners, customer support partners, Internet service providers, operating systems and platforms, customer feedback platforms, and cloud service providers. |
Inferences | Advertising and marketing networks, data analytics providers |
Access, Correction, and Deletion
Depending on where you live, you may have the right to (1) request to know more about and access your personal information, including in a portable format, (2) request deletion of your personal information, and (3) request correction of inaccurate personal information. To request access, correction, or deletion of your personal information, please email us at info@datosxdhl.com. We will verify your request by asking you to provide certain information, such as your name, email address, mailing address, and phone number.
Appeals
If we deny your request, you may appeal our decision by contacting us at info@datosxdhl.com. If you have concerns about the results of an appeal, you may contact the attorney general in the state where you reside.
Nondiscrimination
We will not discriminate against you for exercising your privacy rights.
If you reside in certain states, you can designate an authorized agent to submit a privacy rights request on your behalf. We may ask authorized agents to submit proof of your authorization to make the request, such as a valid power of attorney or proof that they have signed permission from the individual who is the subject of the request. Please do not provide any sensitive personal information in connection with the request, such as a driver’s license or other government-issued ID. In some cases, we may be required to contact the individual who is the subject of the request to verify his or her own identity or confirm the authorized agent has permission to submit this request. If you are an authorized agent seeking to make a request, please contact us at info@datosxdhl.com.
Any request to exercise one of these rights will be assessed by datosX on a case-by-case basis. There may be circumstances in which we are not legally required to comply with your request because of a relevant legal exemption provided for under applicable law. We will not discriminate or retaliate against you for exercising your privacy rights. If you choose not to disclose certain personal information, this may limit our ability to perform the Services to you.
We retain personal information for as long as necessary to carry out the purposes for which we originally collected it and for other purposes described in this privacy policy.
We do not use or disclose sensitive personal information for the purpose of inferring characteristics about you. We do not knowingly “share” or “sell” any personal information about you without your explicit consent.
IMPORTANT INFORMATION FOR RESIDENTS OF OTHER COUNTRIES
Cross-Border Data Transfers
datosX is based in the U.S. and we process and store personal information on servers located in the U.S. We also use service providers to process personal information, and they may be located in, or have servers in, the U.S. and other countries. Where required by law, we provide adequate protection for the transfer of personal information in accordance with applicable law, such as by obtaining your consent, relying on the European Commission’s adequacy decisions, executing Standard Contractual Clauses, or complying with another approved data transfer mechanism. Where relevant, you may request a copy of these Standard Contractual Clauses by contacting us at info[at]datosxdhl.com.
Additional Disclosures for Canada
If you reside in Canada, this section applies to you. You may exercise your rights to access and correct the personal information we hold about you by emailing us at info@datosxdhl.com. By submitting personal information to us or our service providers, you consent to the collection, use, disclosure, and transfer of your personal information in accordance with this Policy and as permitted or required by law. You may withdraw your consent at any time by emailing us at info@datosxdhl.com . If you withdraw your consent (or if you decide not to provide certain personal information), you acknowledge that we may not be able to provide services to you.
Additional Disclosures for Europe
If you are located in the European Economic Area (“EEA”), United Kingdom (“UK”), or Switzerland, this section applies to you.
When we process your personal information, we do so based on the following legal grounds:
- Processing is necessary to take steps at your request (e.g., to process your request for services).
- We have a legitimate interest in processing your personal information (e.g., our interests in managing our internal business processes and providing you with the requested services).
- Processing is necessary to comply with our legal obligations.
- Processing is necessary to protect your vital interests or those of others.
- We have your consent to process your personal information. When your consent is the legal basis for our processing, you may withdraw such consent at any time by emailing us at info@datosxdhl.com.
You have the right to (1) request to know more about and access your personal information, including in a portable format, (2) request deletion of your personal information, (3) request correction of inaccurate personal information, (4) request restriction of processing of your personal information, and (5) object to the processing of your personal information for certain purposes. To exercise any of these rights, please email info@datosxdhl.com. Any request to exercise one of these rights will be assessed by datosX on a case-by-case basis. There may be circumstances in which we are not legally required to comply with your request, such as a legal exemption under applicable law.
If you have a concern about our processing of personal information that we are not able to resolve, you have the right to lodge a complaint with the relevant data protection authority (this may be linked to where you reside, work, or the place of any alleged infringement). Contact details for your data protection authority can be found using the links below:
- For individuals in the EEA, click here.
- For individuals in the UK, click here.
- For individuals in Switzerland, click here.
CONTACT US
If you have any questions about this Privacy Policy, you can email us at info@datosxdhl.com.