We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your electronically stored "personal data" (as defined in applicable statutes on security breach notification) to your email or in writing in an expedient manner and without unreasonable delay, insofar as these are consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
We collect, receive, generate and store the following types of information:
Personal Information: Personal Information is information that can be used to identify or contact you, including but not limited to your name, address, email address, gender, birthday, telephone number, account identifiers, account password, payment information, credit card information and other billing data. We collect, receive and store certain of your Personal Information when you connect or register for the Services or when you directly provide such information in connection with sign-up, registration, use or interaction with the Services, including without limitation when you use the Services online, download or link to the Services, open any related account or membership, enter or upload your Personal Information into the Services, subscribe to a newsletter, respond to a survey, fill out a form, or complete your profile through the Services. It is also possible that we may receive some of your Personal Information from third parties with which you have signed up or have an account and which are involved with or connected to the Services, such as care providers, hospitals, insurance companies, other health-related entities or online stores or hosting services. In connection with any of the foregoing, we may receive personally identifiable health information from or about you, in which case, such personally identifiable health information will be subject to certain confidentiality and legal protections as described in detail below.
User Content: User Content is information, data, text, files, software, graphics, music, audio, photographs, video, messages, communications, contacts or other materials, that you upload, submit, post, transmit, share or otherwise provide on, through or to the Services. This could occur directly or indirectly, such as through your authorization of third party sources to release or transmit User Content (and Personal Information) into the Services. For example, we receive and store User Content you provide to Company when you:
Information We Collect or Generate About You and/or Your Use of Services: We receive, collect, generate and store certain types of information whenever you use the Services or otherwise interact with us. We may do this directly or through third party tools, services, stores, accounts or hosting platforms involved with or connected to the Services (including without limitation analytics tools and ad serving technologies). For example, we (and such third parties) may automatically record your use of and activity on the Services (such as amount, type and manner of use and interaction; time and date of your activities; type and amount of User Content submitted to the Services and other metrics). We (and such third parties) may also collect information about your device or computer on which you use the Services, such as your unique device identifiers, device type, model and version, Android or Apple ID, coarse location, fine location, GPS coordinates, source and status of network connection, internet service provider, IP address, browser type, operating system or other software used, page views, domains and similar information. Also, we may automatically send and receive information to and from your device or computer in connection with your use of the Services. Like many websites and online applications and services, we may also use "cookies" (see below), log files, web beacon technologies and other automated tools to obtain certain types of information when your web browser or other application accesses our Services.
Company may use the information submitted, collected, received or generated from and/or about you for any of the following purposes:
Company does not rent, sell or publicize your Personal Information/PHI without your prior consent. Use of personally identifiable health information is further subject to the restrictions described in more detail below.
Information provided by our users is an important part of our business. Company will share and disclose information submitted, collected, received or generated from and/or about you only as compatible with the purposes described above (except for certain personal health information which shall be kept confidential as described below), when we have your consent (as may be provided by you from time to time through the Services or otherwise), and as described in this section as follows:
Public Forum: Any User Content or other user information, content or materials submitted, posted, shared, transmitted or otherwise provided to public portions of the Services (such as video chat rooms, discussion groups, bulletin boards and similar forums) or portions of the Services designed for broad user access (such as reviews, focused user groups, etc…) are or may be shared with the public without restriction. Company also reserves the right to publish or make publicly available any information that is already publicly available prior to the time first provided to or collected by Company or information that becomes publicly available without any action or omission on the part of Company.
Aggregated Data and Anonymous Data: Company may publish and otherwise disclose (a) on an aggregated basis, information relating to usage and users of the Services, and (b) information that is de-identified and otherwise free of any information that would allow you to be identified.
Disclosures In Connection with Permitted Uses: Company may disclose your information to third parties (including without limitation to publishers and business partners) in connection with the purposes described in the previous section such as, for example, to implement advertising, marketing, publishing or promotional activities or transactions, or to publish, sell and otherwise exploit information (other than Personal Information/PHI) relating to usage and users of the Services.
Contractors, Collaborators and Agents: We may employ other companies and individuals to perform functions or otherwise act on our behalf. Examples include processing payments, resolving service problems, correcting errors related to the execution of the Services, sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data, providing marketing assistance (including data concerning marketing and promotional programs), hosting websites or software, developing websites and software, providing customer service, assisting Company with providing, administering, developing or improving the Services, and/or for other purposes within the ordinary course of business. All contractors, collaborators and agents agree to abide by same confidentiality obligations as Company, including associated heightened privacy requirements in the Business Associate Agreement where applicable and as mandated by law.
Business Transfers and Collaborations: As we continue to develop our business, we might sell the Company and/or its business or assets and/or sell or buy online sites, services, subsidiaries, or other businesses; or we might collaborate or partner with other companies in strategic transactions, publishing or distribution arrangements, business arrangements or licenses. In such transactions, customer and user information and information regarding usage of the Services generally would be one of the transferred business assets or otherwise one of the components of, or involved in, the transaction, we may therefore share this information in connection with such transactions or arrangements.
Compliance with Law and Protection of Company and Others: We reserve the right to disclose your Personal Information and any other information when we believe release is appropriate to comply with the law, judicial proceeding, court order, subpoena or other legal process provided that we provide you reasonable notice of the order, subpoena or request to allow you to seek a protective order, if necessary; detect, prevent, or otherwise address fraud, security, emergency situations or technical issues; enforce or apply our Terms of Service and other agreements, rights and remedies; or protect the rights, property, or safety of Company, our employees and contractors, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction purposes.
The Services may include or interoperate with applications, services, features or functionalities provided by third parties. In connection with such third party applications, services, features or functionalities, you may send (or such third parties may get access to) certain information about or related to you or your activities therewith. The use, storage and disclosure of such information by these third parties is subject to their own privacy policies and Company has no responsibility or liability for such third parties’ acts or omissions or the information provided to them.
Some of our users – such as healthcare providers – are subject to laws and regulations governing the use and disclosure of health information they create or receive. Included among them is the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), and the regulations adopted thereunder. When we store, process or transmit certain individually identifiable health information or “Protected Health Information” (as such term is defined by HIPAA) on behalf of a health care provider, we do so as its “business associate” (as also defined by HIPAA) under a Business Associate Agreement (www.hint.com/baa). Under this agreement, we are prohibited from, among other things, using Protected Health Information in a manner that the provider itself may not. We are also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of Protected Health Information we store and process on behalf of such providers. We are also subject to laws and regulations governing the use and disclosure of certain personal and health information, including HIPAA, when we operate as a business associate of a healthcare provider.
Except as may be inherent in the features and functionality of the Services, Company does not have a mechanism for you to review, edit or delete all of your information on or stored in the Services or otherwise by Company. If in the future, the Company may implement a system to allow for a complete review and deletion of all you information, but Company has no obligation to provide or create such a mechanism.
If you would like us to delete your Personal Information in our system, please contact us at firstname.lastname@example.org and we will accommodate your request (but will not do so if we have any legal obligation to retain the record). In such cases, we ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests. If Company is unable to destroy or delete the information due to legal obligations or because it is not feasible or because it is unduly burdensome or impractical or would jeopardize the privacy of others or the integrity of the Services, Company is not obligated to do so, but Company shall provide a written response stating the reason(s) it cannot fulfill the request. Because of the way we maintain certain Services, after you delete your information, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems. We are not responsible for updating, correcting or removing any of your information disclosed to or held by third parties.
Please be aware the Company is under no obligation to maintain and store any of your information (including any Personal Information or User Content) or otherwise to maintain and operate the Services. The Company reserves the right to cease or modify operation of the Services at any time – in such case, your information (including any Personal Information and User Content) may no longer be available. If you desire to maintain access to any such information, you are encouraged to keep a backup of such information in other locations.
Log file information may be automatically reported by your browser or smartphone application each time you access a web page, app or other electronic location. When you use the Services, our servers may record certain information that your web browser, the Services or other application sends whenever you utilize the Services, visit any website or utilize any other services or applications.
Our Services are hosted in the United States. If you use the Services from the European Union, Asia or any other country outside the United States with laws or regulations governing personal data collection, use and disclosure that differ from the United States laws and regulations, please be advised that through your continued use of the Services, you are transferring your information to the United States and you consent to that transfer. Your information may be transferred to - and maintained on - computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us or use the Services, Company transfers personal information to the United States and processes it there, and your submission of such information represents your consent and agreement to that transfer.
In order to use our Services you must represent and warrant that you are over the age of 13 before using, downloading or accessing the Services. Children under the age of 13 are not eligible to use the Services and must not attempt to download the Services, register with the Company and/or submit any personal information to us. We do not knowingly collect personal information from any person who is under the age of 13 or allow them to register. If it comes to our attention that we have collected personal data from a person under the age of 13, we will delete this information as quickly as possible.
Without limiting the generality of the foregoing, our Services do allow users above the age of 18 years old – such as care providers, parents and guardians – to submit personal information about others, including minors. Such users assume full responsibility over their submission, use and transmission of such information.
Our Services may contain links to, interoperate with, and allow you to share content to and from third party services, websites and applications. The fact that we link to a website, service or application or allow you to share content through these third parties is not an endorsement, authorization or representation that we are affiliated with that third party, nor is it an endorsement of their privacy or information security policies or practices. Other websites, services and applications follow different rules regarding the collection, use, storage or disclosure of the personal and other information. We encourage you to read the privacy policies or statements of the other websites, services and applications you use.
Unless expressly provided otherwise in writing by the Company and the Services are provided “AS IS” without warranty of any kind. The Company makes no, and hereby disclaims any and all, representations and warranties of any kind, express or implied, with respect to the Services, including without limitation, warranties of merchantability, fitness for a particular purpose and non-infringement.