Please read the following carefully to understand our views and practices regarding your Personal Data.
WE AT EBM DATA TOOLS VALUE YOUR PRIVACY AND ARE COMMITTED TO KEEPING YOUR PERSONAL DATA CONFIDENTIAL. WE USE YOUR DATA SOLELY IN THE CONTEXT OF PROVIDING A PLATFORM FOR COLLECTING PATIENT- REPORTED HEALTH AND OTHER PERSONAL DATA FOR PROVIDERS TO (I) PROACTIVELY TRACK AND ANALYZE PATIENTS’ HEALTH CONDITIONS, (II) REVIEW TRENDS ON INDIVIDUAL PATIENTS OVER THE COURSE OF TREATMENT; (III) ANALYZE TRENDS FOR ALL SIMILARLY SITUATED PATIENTS ON A PER PATIENT AND AGGREGATED LEVEL; AND (IV) INTEGRATE PATIENT DATA FROM WEARABLE REMOTE SENSOR MONITORS INTO THE PATIENTS’ DATASET.
SOME OF THE PERSONAL DATA WE COLLECT AND TRANSMIT MAY BE CONSIDERED “Protected Health Information” or “PHI” (information that relates to Your past, present, or future physical or mental health or condition(s); the provision of health care to You; or the past, present, or future payment for the provision of health care to You). THEREFORE, OUR PRIVACY PRACTICES ARE INTENDED TO COMPLY WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (“HIPAA”) WHERE APPLICABLE. FOR ADDITIONAL INFORMATION RELATED TO HOW WE USE AND DISCLOSE YOUR PHI, PLEASE CONTACT US AT firstname.lastname@example.org.
What Personal Data do we collect?
The types of Personal Data We collect are described below.
We collect demographic information, such as Your name, birth year, gender, phone number, physical address and email address. Primarily, the collection of Your Personal Data assists us in creating Your User Account, which You can use to securely to receive the Services.
For Patients: Health and Device Data
In addition to demographic information, if you are a patient, We will collect information regarding Your health conditions, age, gender, weight, height, medical history, symptoms, pain and functionality assessments, and information from Your connected sensor monitoring device (the “Device”). We collect this information to provide Your healthcare provider using the Platform in the course of Your care with the information required to provide medical treatment.
For Patients: Social Determinant of Health Data
In addition to health and device data, if you are a patient, We will collect information regarding your employment, occupation, nicotine habits, health conditions, surgery history, open lawsuit as a result of pain, victim of abuse and insurance. We collect this information to provide Your healthcare provider using the Platform in the course of Your care with the information required to provide more targeted data and analyses in determining your treatment plan.
How will We use Your Personal Data?
We process Your Personal Data based on legitimate business interests, the fulfillment of Our Services to You, compliance with Our legal obligations, and/or Your consent. We only use or disclose Your Personal Data when it is legally mandated or where it is necessary to fulfill those purposes described herein. Where required by law, we will ask for your prior consent before doing so.
Specifically, we process Your Personal Data for the following legitimate business purposes:
- To fulfill our obligations to You under the Terms of Us
- To communicate with You about and manage Your User Account
- To properly store and track Your data within our system
- To respond to lawful requests from public and government authorities, and to comply with
applicable state/federal law, including cooperation with judicial proceedings or court orders.
To protect Our rights, privacy, safety or property, and/or that of You or others by providing proper notices, pursuing available legal remedies, and acting to limit Our damages
To handle technical support and other requests from You
To manage and improve Our operations and the Platform, including the development of additional functionality
To evaluate the quality of service You receive, identify usage trends, and thereby improve Your user experience
To keep Our Platform safe and secure for You and for Us
To send You information about changes to our terms, conditions, and policies
To allow Us to pursue available remedies or limit the damages that We may sustain
To provide reports to healthcare providers using our Platform in an anonymized and aggregated format
To enable patient users to share Personal Data with their healthcare providers.
Where is your Personal Data processed?
Personal Data We through the Platform will be stored on secure servers in the United States. Personal Data may be transmitted to third parties, which parties may store or maintain the data on their secure servers. These third parties are not permitted to transfer your Personal Data outside of the United States.
Will We share your Personal Data with anyone else?
Yes, for patients, with your healthcare provider with whom you choose to allow Us to share such Personal Data via the Platform.
We will share information you enter into the Platform and information collected from the connected Device, as well as any reports generated by the Services based on the information you enter, with a healthcare provider with whom you choose to allow Us to share such information. If, at any point, you want to deny access to one or more third parties, you can do so by emailing email@example.com
Yes, with third parties that help us power our Services
We have a limited number of service providers and other third parties (“Business Partners”) that help Us run various aspects of Our business. These Business Partners are contractually bound to protect Your Personal Data and to use it only for the limited purpose(s) for which it is shared with Us. Business Partners’ use of Personal Data may include, but is not limited to, the provision of services such as data hosting, IT services, customer service, and payment processing.
Yes, with third parties and the government when legal or enforcement issues arise
Yes, with third parties that provide advisory services
We may share your Personal Data with third parties that provide use services, including but not limited to, Our lawyers, auditors, accountants, or banks, when We have a legitimate business interest in doing so.
Yes, with third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of EBM Data Tool’s corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings)
If We share Your Personal Data with a third party other than as provided above, You will be notified at the time of data collection or transfer, and You will have the option of not permitting the transfer.
How long do We retain Personal Data?
NOTE: Once we disclose your Personal Data to third parties, we may not be able to access that Personal Data any longer and cannot force the deletion or modification of any such information by the parties to whom we have made those disclosures. Written requests for deletion of Personal Data other than as described should be directed to firstname.lastname@example.org.
We may also collect information using pixel tags, web beacons, clear GIFs or other similar technologies. These may be used in connection with some web site pages and HTMLformatted email messages to, among other things, track the actions of users and email recipients, and compile statistics about usage and response rates.
How can You “Opt Out” of Cookies?
If You prefer, You can usually choose to set Your browser to remove cookies and reject cookies. If You enable a do not track (DNT) signal or otherwise configure Your browser to prevent Us from collecting cookies, you might not be authenticated to our system. If you need to login to the system, you will need to enable cookies. You will still be able to perform any task that doesn’t involve login to system.
How do We protect Your Personal Data?
We are committed to protecting the security and confidentiality of Your Personal Data. We use a combination of reasonable physical, technical, and administrative security controls to maintain the security and integrity of Your Personal Data, to protect against any anticipated threats or hazards to the security or integrity of such information, and to protect against unauthorized access to or use of such information in our possession or control that could result in substantial harm or inconvenience to You. However, internet
data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure. As a result, We cannot ensure the security of information You transmit to Us. By using the Services, You are assuming this risk.
We store Your Personal Data on secure servers, and protect this data using a combination of technical, administrative, and physical security safeguards, such as authentication, encryption, backups, and access controls, in accordance with federal privacy law. If We learn of a security concern, We may attempt to notify You and provide information on protective steps to mitigate any potential harm, if available, through the email address that You have provided to Us. Depending on where You live, You may have a legal right to receive such notices in writing.
NOTWITHSTANDING ANY OF THE STEPS TAKEN BY US, IT IS NOT POSSIBLE TO GUARANTEE THE SECURITY OR INTEGRITY OF DATA TRANSMITTED OVER THE INTERNET. THERE IS NO GUARANTEE THAT YOUR PERSONAL DATA WILL NOT BE ACCESSED, DISCLOSED, ALTERED, OR DESTROYED DESPITE THE IMPLEMENTATION OF OUR PHYSICAL, TECHNICAL, OR ADMINISTRATIVE SAFEGUARDS. THEREFORE, WE DO NOT AND CANNOT ENSURE OR WARRANT THE SECURITY OR INTEGRITY OF ANY PERSONAL DATA YOU TRANSMIT TO US AND YOU TRANSMIT SUCH PERSONAL DATA AT YOUR OWN RISK.
In instances where you have authorized the Company to use and disclose your Personal Data for certain purposes, you may withdraw your consent in the future. You may withdraw your consent by sending your request in writing to: email@example.com or 1610 N Kingshighway St #202, Cape Girardeau, MO 63701. Please note that your withdrawal will not be effective until We receive your request, and will not apply to uses and disclosures that We have already made in reliance on your consent.
How can You Protect Your Personal Data?
We will NEVER send You an email requesting confidential information such as account numbers, usernames, passwords, or social security numbers, and You should NEVER respond to any email requesting such information. If You receive such an email that looks like it is from Us, DO NOT RESPOND to the email and DO NOT click on any links and/or open any attachments in the email, and notify EBM Data Tools support at firstname.lastname@example.org.
If applicable, You are responsible for taking reasonable precautions to protect Your user ID, password, and other User Account information from disclosure to third parties, and You are not permitted to circumvent the use of required encryption technologies. You should immediately notify Us at email@example.com if You know of or suspect any unauthorized use or disclosure of Your user ID, password, and/or other User Account information, or any other security concern.
You have certain rights relating to your Personal Data, subject to local data protection laws. These rights may include:
- to access Your Personal Data held by Us
- to erase/delete Your Personal Data, to the extent permitted by applicable data protection laws
- to receive communications related to the processing of Your personal data that are concise, transparent, intelligible and easily accessible;
- restrict the processing of Your Personal Data to the extent permitted by law (while we verify or investigate Your concerns with this information, for example);
- to object to the further processing of Your Personal Data, including the right to object to marketing;
- to request that Your Personal Data be transferred to a third party, if possible;
- to receive Your Personal Data in a structured, commonly used and machine-readable format
- to lodge a complaint with a supervisory authority
- to rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete
- to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects (“Automated Decision-Making”); and
Where the processing of Your Personal Data by EBM Data Toos is based on consent, You have the right to withdraw that consent without detriment at any time or to exercise any of the rights listed above by emailing EBM Data Tools at firstname.lastname@example.org.
If you are a California resident, the California Consumer Privacy Act (“CCPA”) may apply to you. To the extent it applies, please see the CCPA attachment.]
How can You update, correct, or delete Personal Data?
You can change your email address and other contact information by requesting intake information from your provider. Please note that in order to comply with certain requests to limit use of Your Personal Data, We may need to terminate Your account and Your ability to access and use the Services, and You agree that We will not be liable to You for such termination or for any refunds of prepaid fees paid by You. You can deactivate your account by making a formal request at email@example.com.
Although We will use reasonable efforts to do so, You understand that it may not be technologically possible to remove from Our systems every record of Your Personal Data. The need to back up Our systems to protect information from inadvertent loss means a copy of Your Personal Data may exist in a nonerasable form that will be difficult or impossible for Us to locate or remove.
Can You “OPTOUT” of receiving communications from Us?
We pledge not to market third party services to You without Your consent. We only send emails to You regarding Your account, and by signing up for an account, We have Your
express consent to do so. You can choose to filter these emails using Your email client settings, but We do not provide an option for You to opt out of these emails.
Information submission by minors
We do not knowingly collect Personal Data from individuals under the age of 18. Our Services are not directed to individuals under the age of 18. We request that these individuals not provide Personal Data to Us. If We learn that Personal Data from users less than 18 years of age has been collected, We will deactivate the account and take reasonable measures to promptly delete such data from our records. If You are aware of a user under the age of 18 using the Web Site, please contact Us at firstname.lastname@example.org.
If You are a resident of California under the age of 18 and have registered for an account with Us, You may ask Us to remove content or information that You have posted to Our Platform.