Privacy Policy
Last Updated: May 31st 2019
myElth Inc. (“we” or “us”) is committed to protecting your privacy. This Privacy Policy describes how we collect, store, use and distribute information through our software, website, documentation, and related services (together, the “Services”).
Capitalized terms not defined in this Privacy Policy have the meaning as set forth in the Terms of Service for the Services, which can be found at www.myelth.com/terms-conditions.
1. Consent. By using the Services, you consent to the use of your Personal Information as described in this Privacy Policy. If you are not of legal age to form a binnt.ding contract (in many jurisdictions, this age is 18), you may only use the Services and disclose information to us with your parent’s or legal guardian’s express consent. Furthermore, children under the age of 13 cannot use or register for the Services in any way. Review this Privacy Policy with your parent or legal guardian make sure you understand it. Except as set forth in this Privacy Policy, your Personal Information will not be used for any other purpose without your consent. We do not actively collect Personal Information for the purpose of sale of such information in a way that specifically identifies the individual (i.e. we don’t sell customer lists). You may withdraw your consent to our processing of your Personal Information at any time. However, withdrawing consent may result in your inability to continue using some or all of the Services.
2. Collection of Information.
Personal Information
When registering for the Services, we may require you to provide certain personally identifiable information, such as your name, contact information, gender, date of birth, username and password. When using the Services, you may also voluntarily provide us with personally identifiable information, such as information regarding your medical insurance provider and plan. This information is referred to below as your “Personal Contact Information.”
When purchasing the Services, we will require you to provide financial and billing information, such as billing name and address, and credit card number (“Billing Information”). Your Personal Contact Information and your Billing Information, together with any other information we gather through the Services that may be used to identify, contact, or locate you individually, are collectively referred to herein as your “Personal Information.”
Data, Diagnostic & Login Information
You may be able to create, upload, publish, transmit, distribute, display, store or share information, data, text, graphics, video, messages or other materials using our Services (this is collectively referred to below as “Data”). Some of this Data may be stored and maintained on our servers. If you run into technical errors in the course of using the Services, we may request your permission to obtain a crash report along with certain logging information from your system documenting the error (“Diagnostic Information”). Such information may contain information regarding your Operating System version, hardware, browser version (and .NET version information in case of Windows systems), and your email address, if provided. Additionally, certain login information may be maintained in a cookie stored locally on your personal computing device (i.e. not on a server) in order to streamline the login process (“Login Information”).
Usage and Analytics Information
As you use our Services, we may also collect information through the use of commonly-used information-gathering tools, such as cookies, log files, and Web beacons. Such Information may include standard information regarding your mobile device, browser type, browser language, Operating System, Internet Protocol (“IP”) address, and the actions you take on our web site (such as the web pages viewed and the links clicked) or while using the Services. Collectively, this information is referred to as “Usage and Analytics Information.”
Geo-Location Information
We do not use GPS technology to collect any information regarding your precise real-time geo-location while using the Services. However, we may use elements of your Usage and Analytics Information (such as your IP address) to determine your generalized location. This information is referred to as “Generalized Geo-Location Information.”
3. Use of Information. We use the information we collect in the following ways:
Personal Contact Information
We use this information to manage your account, to provide the Services, to maintain our customer/visitor lists, to respond to your inquiries or request feedback, for identification and authentication purposes, for service improvement, and to address issues like malicious use of the Services. We may also use Personal Contact Information for limited marketing purposes, namely, to contact you to further discuss your interest in the Services, and to send you information about us or our partners.
Billing Information
We use Billing Information to manage your account, to provide the Services, and to check the financial qualifications of prospective customers and to collect payment for the Services. We may use a third-party service provider to manage credit card processing. If we do so, such a service provider will not be permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on our behalf.
Data
We use this information for the purpose of administering and improving our Services to you. To the extent that such information consists of your electronic health records (“Electronic Health Records”), we will also limit our usage of your Data pursuant to the terms of our section below titled “HIPAA Notice.”
Diagnostic Information and Login Information
We use this information for the purpose of administering and improving our Services to you. We may also use this information in a de-identified, anonymous way in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, and to increase the Services’ functionality and user-friendliness
Usage and Analytics Information
We may use your Usage and Analytics Information in a de-identified, anonymous way in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, and to verify users have the authorization needed for the Services to process their requests.
Generalized Geo-Location Information
We may use this information for the purpose of administering and improving our Services to you, such as by providing you with relevant advertisements and promotions. We may also use your Geo-Location Information in an anonymized manner in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, and to increase the Services’ functionality and user-friendliness.
If we plan to use your Personal Information in the future for any other purposes not identified above, we will only do so after informing you by updating this Privacy Policy. See further the section of this Privacy Policy entitled “Amendment of this Privacy Policy.”
4. Disclosures & Transfers. We have put in place contractual and other organizational safeguards with our agents to ensure a proper level of protection of your Personal Information (see further “Security” below). In addition to those measures, we will not disclose or transfer your Personal Information to third parties without your permission, except as specified in this Privacy Policy (see further below).
From time to time we may employ third parties to help us provide and/or improve the Services. These third parties may have limited access to databases of user information or registered member information solely for the purpose of helping us to provide and/or improve the Services and they will be subject to contractual restrictions prohibiting them from using the information about our users for any other purpose. Such agents or third parties do not have any rights to use Personal Information beyond what is absolutely necessary to assist us.
We may disclose your Personal Information to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users of the Services, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. We may disclose Personal Information when we believe in good faith that such disclosure is required by and in accordance with the law.
We may also disclose your Personal Information in connection with a corporate re-organization, a merger or amalgamation with another entity, a sale of all or a substantial portion of our assets or stock, including any due diligence exercise carried out in relation to the same, provided that the information disclosed continues to be used for the purposes permitted by this Privacy Policy by the entity acquiring the information.
5. Non-US Users. These Services are hosted in the United States and are intended primarily for visitors located within the United States. If you choose to use the Services from other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you may be transferring your Personal Information outside of those regions to the United States for storage and processing. By providing your Personal Information through the Services, you consent to such transfer, storage, and processing.
6. Security. The security of your Personal Information is important to us. We use commercially reasonable efforts to store and maintain your Personal Information in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Personal Information that you provide to us. We have implemented procedures designed to limit the dissemination of your Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
You are also responsible for helping to protect the security of your Personal Information. For instance, never give out your password, and safeguard your user name, password and personal credentials when you are using the Services, so that other people will not have access to your Personal Information. Furthermore, you are responsible for maintaining the security of any personal computing device on which you utilize the Services.
You may be able to share Personal Information with third parties through use of the Services. The privacy policies of these third parties are not under our control and may differ from ours. The use of any information that you may provide to any third parties will be governed by the privacy policy of such third party or by your independent agreement with such third party, as the case may be. If you have any doubts about the privacy of the information you are providing to a third party, we recommend that you contact that third party directly for more information or to review its privacy policy.
8. Retention. We will keep your Personal Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, account recovery, or if required by law. All retained Personal Information will remain subject to the terms of this Privacy Policy. Please note that if you request that your Personal Information be removed from our databases, it may not be possible to completely delete all of your Personal Information due to technological and legal constraints.
9. Amendment of this Privacy Policy. We reserve the right to change this Privacy Policy at any time. If we decide to change this Privacy Policy in the future, we will post or provide appropriate notice. Any non-material change (such as clarifications) to this Privacy Policy will become effective on the date the change is posted, and any material changes will become effective 30 days from their posting on [link] or via email to your listed email address. Unless stated otherwise, our current Privacy Policy applies to all Personal Information that we have about you and your account. The date on which the latest update was made is indicated at the top of this document. We recommend that you print a copy of this Privacy Policy for your reference and revisit this policy from time to time to ensure you are aware of any changes. Your continued use of the Services signifies your acceptance of any changes.
10. Access and Accuracy. You have the right to access the Personal Information we hold about you in order to verify the Personal Information we have collected in respect to you and to have a general account of our uses of that information. Upon receipt of your written request, we will provide you with a copy of your Personal Information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner.
We will make every reasonable effort to keep your Personal Information accurate and up-to-date, and we will provide you with mechanisms to update, correct, delete or add to your Personal Information as appropriate. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate Personal Information about you enables us to give you the best possible service.
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: [email protected].
11. HIPAA Notice. The Health Insurance Portability and Accountability Act (“HIPAA”) is made up of a set of regulatory standards governing the security, privacy, and integrity of sensitive health care data, called protected health information. HIPAA applies to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA and their service providers. Please note that even though we are not a health care provider, and are therefore not an entity that is covered by HIPAA, we have implemented a full compliance program, adhering to the necessary regulatory standards outlined in the HIPAA Privacy Rule, HIPAA Security Rule, HIPAA Breach Notification Rule, HIPAA Omnibus Rule, PCI, and HITECH. These standards have been heavily vetted against the letter of the law and meet federal NIST requirements. We are proud to announce that our compliance has been verified by the HIPAA subject matter experts and Compliance Coaches at Compliancy Group (the largest and most authoritative HIPAA compliance training and software provider in the United States), and they have issued us their HIPAA Seal of Compliance®. The HIPAA Seal of Compliance Verification is a powerful third-party compliance verification standard, issued to organizations that have implemented an effective HIPAA compliance program as outlined by federal HIPAA regulation.
12. Contact Us. You can help by keeping us informed of any changes such as a change of email address or telephone number. If you would like to access your information, if you have any questions, comments or suggestions, if you find any errors in our information about you, or if you have a complaint concerning our compliance with applicable privacy laws, please contact us at
or by mail at:
myElth Inc. 3240 Maguire Way, Suite 414, Dublin, CA - 94568