PRIVACY POLICY
PRIVACY POLICY
This Privacy Policy describes the privacy practices of Cloud Clinic, Inc. (hereafter, “Company,” “we,” “us,” or “our”) with regard to information that we obtain, either directly or indirectly, through your use of our hosted services known as Cloud Clinic (“Cloud Clinic”). Reference to Cloud Clinic herein means the Cloud Clinic Platform and our website and any associated services or support provided by us (collectively, the “Services”). This Privacy Policy does not apply to any of our other offerings, or information obtained outside of your use of Cloud Clinic. By using Cloud Clinic, you agree to this Privacy Policy.
Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, you may not elect to use Cloud Clinic and its services; if you do not agree with these policies and practices, you should immediately cease to use Cloud Clinic and any of its services. We may revise and update this Privacy Policy from time to time at our sole discretion. Your continued use of our services after we make changes is deemed to be acceptance of those changes, so please check back periodically for updates.
Please note, Cloud Clinic, Inc. is an administrative and technology service provider that owns the Services. Cloud Clinic has entered into contracts with certain independent health care providers who provide mobile, non-emergency general adult and pediatric health services (collectively, “Cloud Clinic Providers”). Among other things, Cloud Clinic, Inc. contracts with Cloud Clinic Providers, licenses the Services to Cloud Clinic Providers to provide Cloud Clinic Providers with the capability to receive, respond to and schedule requested telehealth services and in-person visits. Cloud Clinic Software, Inc. does not provide any medical services, nor does it refer or recommend any physician or medical practice or any other medical provider or personnel.
I. DATA COLLECTION
We may collect the following kinds of information when you use the Services:
Information you provide directly to us. For certain activities, such as when you register an account, use our telemedicine services, or contact us directly, we may collect some or all of the following types of information:
- Contact information, such as your full name, email address, phone number, and address;
- For health care providers, information about your employment, such as your job title, practice area, primary specialty, and medical license status, gender, date of birth, languages spoken, educational background, address, photograph, social security number, Tax ID, NPI number, professional license information and bank account information;
- Username and password;
- Payment information, such as your credit card number, expiration date, and credit card security code;
- Personal health information, including information about your diagnosis, previous treatments, general health, health insurance and information which you have stored in Apple HealthKit (to the extent you choose to synch that data with our services); and
- Any other information you provide to us.
- Other information related to your use of our services.
- We may combine such information with information we already have about you.
- Information we collect automatically. . We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, information about the links you click and pages you view within the Services, and other standard server log information. We may also collect certain location information when you use our Services, such as your computer’s IP address, your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.
- We may use cookies, pixel tags, Local Shared Objects, and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. Local Shared Objects (sometimes referred to as “Flash Cookies”) are similar to standard cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player. By using the Services, you consent to our use of cookies and similar technologies.
- We may also collect technical data to address and fix technical problems and improve our Services, including the memory state of your device when a system or app crash occurs while using our Services. Your device or browser settings may permit you to control the collection of this technical data. This data may include parts of a document you were using when a problem occurred, or the contents of your communications. By using the Services, you are consenting to the collection of this technical data.
- Information we obtain from your health care providers and other sources. In connection with your treatment, we may collect medical records from your past, current, and future health care providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records about phone calls and emails related to your illness.
- We may also receive information about you from other sources, including through third-party services and organizations. We may combine our first-party data, such as your email address or name, with third-party data from other sources and use this to contact you (e.g. through direct mail). For example, if you access third-party services, such as Facebook, Google, or Twitter, through the Services to login to the Services or to share information about your experience on the Services with others, we may collect information from these third-party services.
II. PURPOSE OF COLLECTION
We collect your personal information to:
- Send promotional and transactional mobile messages.
- Provide customer support.
- Provide customer support.
III. USE OF INFORMATION
We generally use the information we collect to:
- Provide and improve the Services;
- Contact you;
- Fulfill your requests for products, services, and information;
- Send you information about additional clinical services or general wellness from us or on behalf of our affiliates and trusted third-party partners;
- Analyze the use of the Services and user data to understand and improve the Services;
- Customize the content you see when you use the Services;
- Conduct research using your information, which may be subject to your separate written authorization;
- Prevent potentially prohibited or illegal activities and otherwise in accordance with our Terms of Use; and
- For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
- Promotional Messages: To advertise and promote our products and services, including special offers and abandoned checkout reminders.
- Transactional Messages: To provide updates related to your transactions, such as order notifications and appointment reminders.
- Customer Support: To assist you with inquiries and support requests.
IV. SHARING OF INFORMATION
We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.
- Healthcare providers, insurance companies, and other healthcare-related entities. We may share your information with other health care providers, laboratories, government agencies, insurance companies, organ procurement organizations, medical examiners or funeral directors, and other entities relevant to providing you with treatment options and support.
- Authorized third-party vendors and service providers. We may share your information with third-party vendors and service providers that help us with specialized services, including billing, payment processing, customer service, email deployment, business analytics, marketing (including but not limited to advertising, attribution, deep-linking, direct-mail, mobile marketing, optimization and retargeting), performance monitoring, hosting, and data processing. These third-party vendors and service providers may not use your information for purposes other than those related to the services they are providing to us.
- Research partners. We may share your information with our research partners to conduct health-related research; such sharing may be subject to your separate written authorization.
- Corporate affiliates. We may share your information with our corporate affiliates that are subject to this policy.
- Business transfers. We may share your information in connection with a substantial corporate transaction, such as the sale of a website, a merger, consolidation, asset sale, or in the unlikely event of bankruptcy.
- Legal purposes. We may disclose information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, health, safety, and security of Cloud Clinic, our affiliates, users, or the public. If we are legally compelled to disclose information about you to a third party, we will attempt to notify you by sending an email to the email address in our records unless doing so would violate the law or unless you have not provided your email address to us.
- With your consent or at your direction. We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.
- Third Parties/Affiliates: We do not share your mobile information with third parties or affiliates for marketing or promotional purposes.
- Subcontractors: We may share your information with subcontractors who provide support services (e.g., customer service) but only for purposes related to these services.
- Text Messaging Data: We do not share text messaging originator opt-in data and consent with any third parties.
If you access third-party services, such as Facebook, Google, or Twitter, through the Services to login to the Services or to share information about your experience on the Services with others, these third-party services may be able to collect information about you, including information about your activity on the Site, and they may notify your connections on the third-party services about your use of the Site, in accordance with their own privacy policies.
If you choose to engage in public activities on the Site or third party sites that we link to, you should be aware that any information you share there can be read, collected, or used by other users of these areas. You should use caution in disclosing personal information while participating in these areas. We are not responsible for the information you choose to submit in these public areas.
V. SECURITY
We use reasonable measures to help protect information from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.
VI. YOUR CHOICES
You may opt out of receiving general health and wellness or treatment options that may be relevant to you by emailing us at help@cloudclinic.me. You may also request that we delete your personal information by sending us an email at help@cloudclinic.me.
You may be able to refuse or disable cookies by adjusting your web browser settings. Because each web browser is different, please consult the instructions provided by your web browser (typically in the “help” section). Please note that you may need to take additional steps to refuse or disable Local Shared Objects and similar technologies. For example, Local Shared Objects can be controlled through the instructions on Adobe’s Setting Manager page. If you choose to refuse, disable, or delete these technologies, some of the functionality of the Services may no longer be available to you.
VII. THIRD-PARTY ADVERTISING, LINKS, AND CONTENT
Some of the Services may contain links to content maintained by third parties that we do not control. We allow third parties, including business partners, advertising networks, and other advertising service providers, to collect information about your online activities through cookies, pixels, local storage, and other technologies. These third parties may use this information to display advertisements on our Services and elsewhere online tailored to your interests, preferences, and characteristics. We are not responsible for the privacy practices of these third parties, and the information practices of these third parties are not covered by this Privacy Policy.
Some third parties collect information about users of our Services to provide interest-based advertising on our Services and elsewhere, including across browsers and devices. These third parties may use the information they collect on our Services to make predictions about your interests in order to provide you ads (from us and other companies) across the internet. Some of these third parties may participate in an industry organization that gives users the opportunity to opt out of receiving ads that are tailored based on your online activities. Due to differences between using apps and websites on mobile devices, you may need to take additional steps to disable targeted ad technologies in mobile apps. Many mobile devices allow you to opt out of targeted advertising for mobile apps using the settings within the mobile app or your mobile device. For more information, please check your mobile settings. You also may uninstall our apps using the standard uninstall process available on your mobile device or app marketplace.
To opt out of interest-based advertising across browsers and devices from companies that participate in the Digital Advertising Alliance or Network Advertising Initiative opt-out programs, please visit their respective websites. You may also be able to opt out of interest-based advertising through the settings within the mobile app or your mobile device, but your opt-out choice may apply only to the browser or device you are using when you opt out, so you should opt out on each of your browsers and devices if you want to disable all cross-device linking for interest-based advertising. If you opt out, you will still receive ads but they may not be as relevant to you and your interests, and your experience on our Services may be degraded.
Do-Not-Track Signals and Similar Mechanisms. Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not take action in response to these signals.
VIII. CALIFORNIA RESIDENTS
Certain states afford you additional rights with respect to your personal information. If you are a resident of California, you have the following rights:
- The right to notice. You must be properly notified which categories of personal information (as such term is used in the California Consumer Privacy Act (“CCPA”)) are being collected and the purposes for which it is being used.
- The right to access / the right to request. The CCPA permits you to request and obtain from us information regarding any personal information that we have collected about you in the past 12 months and disclosed to a third party for the third party’s direct marketing purposes.
- The right to say no to the sale of personal information. You also have the right to ask us not to sell your personal information to third parties.
- The right to know about your personal information. You have the right to request and obtain from us information regarding the disclosure of the following:
- The categories of personal information collected
- The sources from which the personal information was collected
- The business or commercial purpose for collecting or selling the personal information
- Categories of third parties with whom we share personal information
- The specific pieces of personal information we have collected about you
- The right to delete personal information. You also have the right to request the deletion of your personal information that has been collected in the past 12 months.
- The right not to be discriminated against. You have the right not to be discriminated against for exercising any of your consumer’s rights.
Exercising Your CCPA Data Protection Rights
In order to exercise any of your rights under the CCPA, and if you are a California resident, you can email us per below. We will disclose and deliver the required information free of charge within 45 days of receiving your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice.
“Do Not Track” Policy as Required by California Online Privacy Protection Act (CalOPPA)
Per above, our Services do not respond to Do Not Track signals. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your web browser.
Your California Privacy Rights (California’s Shine the Light law)
Under California Civil Code Section 1798 (California’s Shine the Light law), California residents with an established business relationship with us can request information once a year about sharing their personal information with third parties for the third parties’ direct marketing purposes. If you’d like to request more information under the California Shine the Light law, and if you are a California resident, you can contact us per below.
IX. INTERNATIONAL USERS
We maintain information in the United States of America and in accordance with the laws of the United States, which may not provide the same level of protection as the laws in your jurisdiction. By using the website and providing us with information, you understand and agree that your information may be transferred to and stored on servers located outside your resident jurisdiction and, to the extent you are a resident of a country other than the United States, that you consent to the transfer of such data to the United States for processing by us in accordance with this Privacy Policy.
We participate in and have certified our compliance with the EU-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. [https://www.privacyshield.gov/list]. We are responsible for the processing of personal data we receive, under the Privacy Shield Framework, and subsequently transfer to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions. With respect to personal data received or transferred pursuant to the Privacy Shield Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield. Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
X. INTERNATIONAL TRANSFERS
We do not transfer your personal information internationally.
XI. CHILDREN
We do not knowingly allow individuals under the age of 18 to create accounts that allow access to our Services. If you are the parent or guardian of a child under 18 and believe your child has created an account or otherwise provided personal information to us, please contact us via the email address set forth below and include the email address associated with the relevant account. Be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.
XIII. RIGHTS OVER YOUR DATA
You have the right to:
- Access, correct, or delete your personal information.
- Opt-out of receiving promotional messages at any time.
To exercise your rights, please contact us at support@cloudclinic.me.
XIV. PRIVACY POLICY CHANGES
We may update this Privacy Policy from time to time. When we update the Privacy Policy, we will revise the “Effective Date” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Services to stay informed of our privacy practices.
XV. QUESTIONS?
If you have any questions about this Privacy Policy or our practices, please email us at help@cloudclinic.me.