Effective Date: September 17, 2019
- What information we collect and store about you
- How we use Personal Information
- Information sharing and disclosure
- Cookies and Do Not Track (DNT) signals
- Rights to access and control your Personal Information
- Third Party Links
- Notice to residents of countries outside the United States
- Rights under state law
- Privacy of children
WHAT INFORMATION WE COLLECT AND STORE ABOUT YOU
Your Personal Information. In an effort to provide you services intended to meet your needs and preferences, we may be required to collect your personally identifiable information or, if you are involved in the care of a family member or friend, personally identifiable information about your family member or friend (“Personal Information”). When you use the Site to find a mental health professional for a family member or friend, you must either be the legally authorized representative of your family member or friend, or have their consent before providing us with their Personal Information and other information about them.
- Name(s) (including aliases and your signature), phone number(s), email(s) or physical mailing address(es), Internet Protocol (IP) address(es), device identifier(s), audio/visual/electronic and biometric information;
- Age/date of birth, educational/professional/employment related information, gender/gender identity/gender expression, sexual orientation, race, ethnicity, religion or creed, veteran or military status, or other profile information;
- Billing and payment information, including health insurance information and social security number;
- Health information, including the mental health professional you chose to see from the Site, the reasons for and dates of the appointment, mental health and other medical history you choose to share with us, and any other health information you or your mental health professional choose to share with us;
- Inferences our Site draws from any of the Personal Information we collect, such as your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes; and
- Other identifying information you voluntarily choose to provide us, including without limitation, your unique identifiers (e.g., personal identifiers, online identifiers, the account name you create with us, identifications cards like driver’s license or passport), User Contributions, and information exchanged on the Site (whether orally or in writing).
If you send us personal correspondence, such as emails or letters, or if other users or third parties send us correspondence about your activities or postings on the Site, we may collect and retain such information in a file specific to you. We may also request that you send additional identifying information so that we can confirm your identity.
Protected Health Information. Personal Information we gather from you may be considered “protected health information” or “PHI” as that term is defined by the Health Insurance Portability and Accountability Act and its implementing regulations as amended from time to time (“HIPAA”). If we receive, store, transmit or create Personal Information about you (or a family member or friend) from or on behalf of health care providers, this information is considered PHI. HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. We may only use and disclose PHI in ways permitted by HIPAA. Please contact your health care provider and request a copy of their HIPAA Notice of Privacy Practices for more information on how your health care provider may use and disclose PHI and your rights to your PHI. If you have any problems with how your health care provider is managing your information, please contact your health care provider directly.
Other Information. Some information is automatically collected from you when you use our Site and is stored in log files, which are used on the Site and in links to the Site from an email. The types of information that may be automatically collected from your use of the Site include (without limitation):
- Information about you, but does not individually identify you;
- Information about your search queries;
- Information about your computer and its operating system, Internet connection, and IP address, and the equipment you use to access the Site;
- Information about your geolocation and the statistics and information associated with the interaction between your browser or device and the Site (e.g., browsing history); and
- Information from Cookies (defined below) and your log data, including your clickstream data, web browser(s), referring and exiting webpages, or other source through which you accessed the Site, the pages you visit and the time spent on these pages, and other usage details.
The automatically collected information is generally statistical, but may include Personal Information, and we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties. We use this information to analyze trends, administer the Site, track users’ movements around the Site, and gather demographic information about our user base as a whole. We do so in an effort to create a more efficient and usable Site, and to determine areas of the Site that could be improved to enhance the user experience.
De-identified and Aggregated Information. Your Personal Information does not include de-identified information or aggregated information. Storage. We retain your Personal Information for as long as you have an open account with us or as otherwise necessary to resolve disputes, prevent fraud, enforce any agreement between you and the Company, or as otherwise permitted or required by applicable law. Afterwards, we may choose to retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
HOW WE USE PERSONAL INFORMATION
We use Personal Information and other information we collect about you (or your family member or friend) for the purpose of matching individuals with mental health professionals who subscribe to our Site. We also use Personal Information to:
- Provide, maintain, administer, or expand our Site (including any related services);
- Provide customer support, resolve disputes, troubleshoot problems, inform you about updates, advertise our Site (including related services) to you, and customize your experience on the Site (including its content or layout);
- Detect and protect us against error, fraud, or other criminal activity;
- Provide you with notices about certain resources you may be interested in learning about, and provide you notices regarding your account or subscription (including expiration and renewal notices);
- Perform internal research on demographics, interests, traffic patterns, usage, and behavior;
- Improve our internal marketing and promotional efforts, and improve or enhance our business and Site (including related services);
- For such other purposes as described to you at the time we collect Personal Information; and
- For any other purpose with your consent.
We may (but have no obligation to) compare and review Personal Information for errors, omissions, and accuracy.
INFORMATION SHARING AND DISCLOSURE
Protecting Personal Information is a top priority for us. Listed below are some of the ways Personal Information and other information may be disclosed to others in the normal scope of business to provide our Site:
- Purpose. We may disclose Personal Information and other information to fulfill the purpose for which you provide it. For example, we will share Personal Information with the mental health professionals with whom you schedule an appointment. If you are a mental health professional interested, we may share Personal Information as needed for purposes of enrolling you as a Subscriber or authorized user of a Subscriber.
- Contractors. We will also need to share Personal Information and other information with third party contractors we use to provide services or functions on our behalf, such as hosting our website or processing payment. We require our third party contractors to protect the confidentiality and security of your Personal Information.
- Subsidiaries and Affiliates. We may disclose Personal Information and other information to the Company’s subsidiaries and affiliates in connection with the Site (including providing related services).
- Buyers or Successors. We may disclose Personal Information and other information to a buyer or other successor of the Company in the event of a merger, divestiture, restructuring, reorganization, dissolution, change of control, or other sale or transfer of some or all of Company’s assets.
- Legal Requests. We also may disclose Personal Information or any other information we collect about you if we determine in good faith that such disclosure is needed to: (1) comply with or fulfill our obligations under applicable law, regulation, court order or other legal process; (2) protect the rights, property, or safety of you, the Company, or another party; (3) enforce any agreement between you and the Company; or (4) respond to claims that User Contribution violates third-party rights. If we receive a verified law enforcement or other government official request to disclose your Personal Information in connection with your involvement an alleged crime or other illegal activity, we can (and you hereby authorize us to) disclose your name, city, state, telephone number, email address, username history, and fraud complaints without a subpoena.
- User Contributions. You agree that any information that you may reveal in a review posting, online discussion or forum is intended for the public and is not in any way private. Carefully consider whether to disclose any Personal Information in any public posting or forum. Your submissions may be seen or collected by third parties and may be used by others in ways we are unable to control or predict.
- Consent. We may also disclose Personal Information and other information if we obtain your consent to do so.
We do not, and will not, sell your Personal Information to any third party for marketing or commercial purposes without your explicit consent.
WE MAY DISCLOSE AGGREGATED AND/OR DE-IDENTIFIED INFORMATION ABOUT OUR USERS, AND INFORMATION THAT DOES NOT IDENTIFY ANY INDIVIDUAL, WITHOUT RESTRICTION, INCLUDING TO BETTER UNDERSTAND THE USERS OF OUR SITE AND EVALUATE HOW WE CAN DELIVER A BETTER EXPERIENCE FOR OUR USERS.
COOKIES AND DO NOT TRACK (DNT) SIGNALS
When you use the Site, we collect certain information by automated electronic means, which may include:
- Browser Cookies. A cookie is a small file placed on the hard drive of your computer or mobile device, and are stored on your device after you exit your browser. Temporary cookies, also known as “session cookies,” are used for various reasons, such as managing page views and are usually erased by your browser when you exit it. Cookies that are stored on your device after you exit your browser, also known as, “persistent cookies” are used for a number of reasons, such as storing your preferences and retrieving certain information, you have previously provided.
- Locally Stored Objects. A locally stored object, also known as “flash cookies,” is feature from our Site that collects and stores information about your preferences and navigation to, from, and on our Site, but is not managed by the same browser settings as are used for session cookies, persistent cookies, or other types of browser cookies.
- Web Beacons. A web beacon is a small electronic file, sometimes referred to as clear gifs, pixel tags, and single-pixel gifs (collectively, “web beacons”), that permits us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
- Web Analytic Service. A web analytic service, such as Google Analytics, can be used to evaluate your use of the Site, such as mouse clicks, mouse movements, scrolling activity, and text typed into the Site (“web analytics”). We use web analytics to help us understand how we can make our Site easier to use.
- Mobile Device Identifiers. Mobile device identifiers are data stored on mobile devices that may track mobile device and data and activities occurring on and through it, as well as the applications installed on it (“mobile device identifiers”). Mobile device identifiers enable collection of Personal Information (such as media access control, address and location) and your traffic data, and allow us to learn more about your demographics and Internet behaviors in order to personalize and improve the Site.
Cookies help us improve our Site and deliver better services, and help to enable us to estimate our audience size and usage patterns, store information about your preferences, customize our Site according to your individual interests, speed up your searches, and recognize you when you return to our Site. Some web browsers allow you to reject cookies or to alert you when a Cookie is placed on your computer, tablet, or mobile device. Although you are not required to accept our Cookies, if you block or reject them, you may not have access to all features available through the Site.
Some cookies are placed by a third party on your device and provide information to us and third parties about your browsing habits (such as your visits to our Site, the pages you have visited, and the links and advertisements you have clicked). These cookies can be used to determine whether certain third party services are being used, to identify your interests, and to serve advertisements relevant to you. We do not control third party cookies.
Some website browsers also have a “do not track” or DNT feature that lets you tell websites that you do not want to have your online activities tracked. No uniform technology standard for recognizing and implementing DNT signals has been finalized. We do not currently respond to a browser’s DNT signal. We do not knowingly permit third parties to track your activity over time on our website.
You may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Refer to your browser’s instructions to learn about cookie-related and other privacy and security settings that may be available. You can opt-out of being targeted by certain third party advertising companies online at http://www.networkadvertising.org/choices/.
RIGHTS TO ACCESS AND CONTROL YOUR PERSONAL INFORMATION
- Data Deletion. You may request us to delete Personal Information. In some cases we may not be able to delete Personal Information without also deleting the user account.
- Data Correction or Change. You can ask us to change, update, or fix Personal Information in certain cases, particularly if it is inaccurate. You can review and change your Personal Information by logging into the Site and visiting your account profile page. Note, however, that we may not be able to delete Personal Information without also deleting your user account.
- Data Use Limitation or Restriction. You may tell us in writing not to use or disclose your Personal Information, but keep in mind this direction will terminate our ability to provide the Site (including related services) to you.
- Rights to Data. You can ask us for a copy of your Personal Information.
You may contact us at firstname.lastname@example.org to request access to, obtain copies of, correct, or delete any Personal Information that you have provided to us. Your request must include (i) your identifying information (including your IP address, if applicable), (ii) your contact information, and (iii) information about the specific changes, deletions, or other action(s) you are requesting. We require this information so we can determine which information in our control is your Personal Information and complete the actions you requested. We reserve the right to deny a request to change or delete your information if we reasonably believe the change would violate any law or legal requirement or cause the information to be incorrect. If you delete or change your User Contributions from the Site, copies of it may remain viewable in cached and archived pages, or might remain copied or stored by other Site users.
Please also see the Section of this policy on your Rights Under State Law to learn more about additional rights you may have under state law with respect to your Personal Information.
THIRD PARTY LINKS
We store all Personal Information on a secure database and all PHI in compliance with HIPAA. We follow generally accepted industry standards to protect Personal Information, both during transmission and once we receive it. However, no method of transmission over the Internet or electronic storage of information is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission or storage of your Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password or other security information (e.g., activation code or pin) for access to certain parts of our Site, you are responsible for keeping this security information confidential. We ask you not to share your password or other security information with anyone. We urge you to be careful about giving out information in public areas of the Site. The information you share in public areas may be viewed by any user of the Site.
Please also note that some email communications and text messaging on your device’s SMS (short message service) are not secure (encrypted) methods of communication. There are risks associated with unsecured communications that you should consider. These risks include (without limitation) that unsecure communications could be intercepted or read by other people. Please do not use unsecure methods of communication to communicate with us, a Subscriber or others about confidential matters. By using the Site (including related services) you are agreeing to accept these risks and consent to receive unsecure communications.
NOTICE TO RESIDENTS OF COUNTRIES OUTSIDE THE UNITED STATES
RIGHTS UNDER STATE LAW
- Request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months (a “Right to Know Request”). Once we receive and confirm your Right to Know Request, we will disclose to you:
- The categories of Personal Information we collected about you;
- The categories of sources for the Personal Information we collected about you;
- The categories of third parties with whom we share that Personal Information;
- The specific pieces of Personal Information we collected about you (in California, it’s called a “data portability request”);
- Our business or commercial purpose for collecting or selling* that Personal Information.
- The categories of Personal Information about you we have disclosed for a business purpose in the past 12 months; and
- The categories of third parties to whom we have disclosed your Personal Information for a business purpose in the past 12 months.
*Please note: In the past 12 months, we have not sold any Personal Information about consumers. We do not, and will not, sell Personal Information without your explicit consent.
- To request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions (a “Deletion Request”). Once we receive and confirm your consumer request, we will delete your Personal Information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our contractors or subcontractors to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
- Debug products to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.) or other required state laws, if applicable;
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
- Comply with a legal obligation; or
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
You can make a Right to Know Request or a Deletion Request by contacting us at email@example.com or by toll free phone at 888-HOPJAX-0 (467-5290).Please note that depending on your state only you or an authorized person may make such requests related to your Personal Information.
Additionally, your state may limit the number of consumer requests you can make and what information you must provide for us to process such requests. For example, if you are a California resident you may only make a consumer request for access or Right to Know Request twice within a 12-month period. Your request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative;
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it; and
- We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
We endeavor to respond to a consumer request within 45 days of its receipt. If we require more time (up to 90 days in California), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding your request receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We will not discriminate against you for exercising any of your state rights. Unless permitted by state law, we will not:
- Deny you goods or services;
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
- Provide you a different level or quality of goods or services; or
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
PRIVACY OF CHILDREN
If you use the Site on behalf of another person, regardless of age, you agree that we may contact you for any communication made in connection with providing the Site or any legally required communications. You further agree to forward or share any such communication with any person for whom you are using the services on behalf.