The Information we may collect, includes without limitation:
We collect information that personally identifies you, such as your name, telephone number, email address, date of birth, data generated by sensors in the devices you use to access the Services and other data which can be reasonably linked to such information (“Personal Information”) only if you choose to share such information with us. For example, you will be required to provide us with certain Personal Information to register for the Services, sign up for certain features available through the Services (such as push notifications, text messages and other communications services which may offer you the ability to share information with third parties, such as health care professionals), and at other times. The decision to provide this information is optional; however, if you decide not to register or provide such information, you may not be able to use some or all of the features of the Services. Further, Vori Health may offer location-enabled services, for example to locate a nearby doctor or pharmacy. If you use those services, Vori Health may receive information about your actual location (such as GPS signals sent by a mobile device) or information that can be used to approximate a location (such as a cell ID). You will have the option to disable collection and use of location information. However, doing so may prevent you from using some features of the Services, or limit the function of some features.
Vori Health offers you the ability to share your Health Information with the PLLC in connection with the Services. “Health Information” includes both Protected Health Information and Additional Health Information. “Protected Health Information” or “PHI” is personally identifiable information which relates to your health or payment for your healthcare services that is created or received by an entity covered under the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (“HIPAA”), such as Vori Health as a business associate of the PLLC, and the PLLC, as a covered entity under HIPAA. Protected Health Information includes the combination of your Personal Information and personal health information, such as medical records, medical history and/or information regarding a condition or treatment (e.g., information about symptoms, prescriptions, allergies, diagnoses and outcomes or side effects of treatment). “Additional Health Information” is any and all other personal health information that is not Protected Health Information, generally because such information was not created or received by a HIPAA-covered entity.
When you use the Services, you expressly authorize the sharing of your Health Information with anyone whom is part of your Services team and is also a user of the Services, which may include your healthcare professional(s).
If you allow someone to access your account, you do so at your sole risk and may risk exposing your Health Information. Vori Health does not know and cannot control how anyone else to whom you give access to your account and/or with whom you share your Health Information may use your Health Information or account. Health Information you provide to others may not be protected, kept private, or be secure. You are solely responsible for all use of your account, by yourself or anyone whom you permit to use it. Vori Health will not be liable for any disclosure or use of Health Information or other information by you or anyone using your account with your permission.
You should not upload any Health Information regarding any person other than yourself without that person’s prior express consent. You must obtain the consent of your family member or any other person before you submit or share Health Information about that person. By submitting or sharing Health Information about a family member or anyone else, you represent and warrant that you have obtained that person’s express consent to do so or that you otherwise have the legal authority to do so (e.g., because that person is a minor and you are the parent or legal guardian).
Any Health Information stored and collected by Vori Health or added by Members into such Secure Platforms is identifiable, PHI and therefore governed by HIPAA. How the PLLC uses and discloses such PHI shall be in accordance with the PLLC’s Notice of Privacy Practices. For example, if you have consented to importing data from your healthcare provider into the Secure Platform, you should review the PLLC’s Notice of Privacy Practices to understand how the PLLC will use and disclose such PHI.
By accessing or using the Website after such changes are posted you agree to all such changes.
We may use Facebook Pixel, a web analytics and advertising service provided by Facebook Inc. (“Facebook”) on our Website. With its help, we can keep track of what users do after they see or click on a Facebook advertisement, keep track of users who access our Website and Application or advertisements from different devices, and better provide advertisements to our target audiences. The data from Facebook Pixel is also saved and processed by Facebook. Facebook can connect this data with your Facebook account and use it for its own and others advertising purposes, in accordance with Facebook’s Data Policy which can be found at https://www.facebook.com/about/privacy/ . Please click here if you would like to withdraw your consent for use of your data with Facebook Pixel https://www.facebook.com/settings/?tab=ads#_=_.
Either Vori Health or a third-party vendor on behalf of Vori Health may automatically collect information while Visitors browse the Website. We may collect such information by tracking, or asking a third-party vendor to track, your click-stream activity when such information is not tied to a user ID through the use of "cookie" technology or by tracking internet protocol (IP) addresses, as explained below.
Because we want our Website to better serve Visitors' needs, we collect some basic information about Visitors and their devices, including, but not limited to:
The Information collected from Visitors on our Website may be shared with our suppliers and vendors and used in the aggregate to create summary statistics that help us analyze the Websites' usage trends, assess what information is of most and least importance, determine technical design specifications, arrange the Website in the most user-friendly way, and identify system performance or problem areas.
By continuing to use the Website, you hereby consent to the use and disclosure of your Information as set forth below:
Communicating with You
By becoming a user of the Services and providing your mobile number and/or email address, certain features of the Services will be provided to you via your mobile phone or other mobile device which may include: the ability to upload content to the Website, download applications, and receive email, short message service (SMS), text message communications and mobile push notifications, each of which are not encrypted (“Mobile Features”). Standard messaging, data and/or other fees may be charged by your carrier. You can opt out of receiving email, SMS/text messages, and mobile push notifications. Although unlikely, it is possible for these communications to be intercepted or accessed without your authorization, and by using the Services, you release Vori Health from any liability arising from or related to any such interception or unauthorized access. You can opt out by changing your profile settings within the Services or by notifying your healthcare provider. You agree to notify Vori Health of any changes to your mobile number and email by updating your Vori Health Services account to reflect any changes.
Communicating with Your Healthcare Professionals
Services concerning you may be accessed by the PLLC and its healthcare professionals who are linked to your account, and by Vori Health service providers, affiliates, representatives and assigns, all of whom may: send and receive reminders, alerts or other service-related information via email and/or push notifications or the like, i.e., utilize Mobile Features to notify and be notified of information about you. The use of Mobile Features may include the sharing of your Personal Information and Health Information. Although unlikely, it is possible for these communications to be intercepted or accessed without your authorization, and by using the Services, you release Vori Health from any liability arising from or related to any such interception or unauthorized access.
Please be advised that, whenever you voluntarily post information to any public forum such as a bulletin board, blog, community or related interactive area of the Services, collectively “Public Posts”, such information can and may be accessed by the public. This means that any person or entity with access to such information can potentially use it for any purpose, including to send unsolicited communications.
Like many companies, we use "cookies" and “web beacons” to help you better navigate the Website. A "cookie" is a small piece of information sent by Vori Health's web-based applications that are stored by your web browser on your computer's hard drive. A “web beacon” is an electronic file placed within a website that monitors usage. Cookies and enhance your online experience by saving your preferences while you are visiting a particular Website. The cookies do not contain any identifiable information and cannot profile your system or collect information from your hard drive. Most Internet browsers automatically accept cookies, but you can set your browser to refuse them or to alert you when they are being sent.
For more information about the cookies that are used on the Website and your ability to change your preferences or opt out of use of those cookies, please see Vori Health's Cookie Preferences To adjust your cookie settings, please go to your Vori Health User Setting page and make the necessary selection.
Amendment. You have a right to request that Vori Health amend or delete the Personal Information it collects from your use of the Website if you believe it is incorrect or incomplete, and you may request an amendment or deletion for as long as the Personal Information is retained by Vori Health. You must submit your request in writing to Vori Health and provide a reason to support the requested amendment. Vori Health may, under certain circumstances, deny your request by sending you a written notice of denial.
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Information by Vori Health to third parties for the third parties' direct marketing purposes. These requests only cover information for the immediately prior calendar year (e.g., requests made in 2021 will receive information about 2020 sharing activities) and information about our sharing in general, not specific to you. To make such a request, please send an email to firstname.lastname@example.org. If you are a California resident, the California Consumer Privacy Act (the "CCPA") gives you additional rights about the collection, processing and storage of your personal data, which we will explain below. Information Collected We will not collect additional categories of personal information or use Personal Information collected for additional purposes without providing you with notice.
Information Disclosed for Business Purposes
We may disclose your contact information and financial information with our Service Providers to help us provide the Services. Please note that we do not sell any of your Personal Information to third parties.
Your Rights under CCPA
Additionally, you have the following rights under the CCPA and you may exercise these rights no more than twice in any twelve (12) month period by following the instructions below. To exercise more than one right at a time, please submit each request individually. If you submit multiple requests, we cannot guarantee the order in which your requests will be processed:
Right to Know:
You have the right to know what categories of Personal Information we collected in the preceding twelve (12) months, including the categories of sources from which the Personal Information was collected, the specific pieces of Personal Information we have collected about you, and the business or commercial purposes for which such Personal Information was collected and shared. You also have the right to know the categories of Personal Information which were disclosed for business purposes, and the categories of third parties with whom we shared your Personal Information in the preceding twelve (12) months.
Right to Access:
You have the right to receive the Personal Information that you gave us. The information that we will provide to you will be masked, meaning that portions of it will be omitted so that it can't be used fraudulently. For example, your telephone number may display as (123) - XXXXXX67. In order to exercise your right to access, email us at email@example.com and follow these instructions:
You can request to have your Personal Information deleted and we will ask our Service Providers to do the same. Please note that if we delete your Personal Information, many of our Services will not work the same. For example, you will not have an account (since any prior saved data will be deleted). If you make multiple requests under this section, we recommend sending your deletion request last, as we will not be able to fulfill your other requests once we have deleted your information.
We will not discriminate against you for exercising any of your rights, and we will not deny you good or services, charge you a different price, or provide you with a lesser quality of goods or services if you exercise any of your rights, unless by exercising any of your rights we are unable to provide the Services for which the Personal Information was collected, or perform a contract we have with you.
From time to time, we may establish a business relationship with other businesses whom we believe trustworthy and who have confirmed that their privacy practices are consistent with ours ("Service Providers"). For example, we may contract with Service Providers to provide certain services, such as hosting and maintenance, data storage and management. We only provide our Service Providers with the information necessary for them to perform these services on our behalf. Each Service Provider must agree to use reasonable security procedures and practices, appropriate to the nature of the information involved, in order to protect your Personal Information from unauthorized access, use, or disclosure. Service Providers are prohibited from using Personal Information other than as specified by us.
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose Personal Information and any other information about you to government or law enforcement officials or private parties if, in our discretion, we believe it is necessary or appropriate in order to respond to legal requests (including court orders and subpoenas), to protect the safety, property, or rights of Vori Health or of any third party, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.
We maintain physical, electronic, and procedural safeguards to protect the confidentiality and security of information transmitted to us. However, no data transmission over the Internet or other network can be guaranteed to be 100% secure. As a result, while we strive to protect information transmitted on or through the Website or Services, we cannot and do not guarantee the security of any information you transmit on or through the Website or Services, and you do so at your own risk.
The Site and Services are intended for users who are 18 years old or older. We do not knowingly collect Personal Information from children under the age of 18.
Please be aware that your Personal Information and communications may be transferred to and maintained on servers or databases located outside your state, province, or country. If you are located outside of the United States, please be advised that we process and store all information in the United States. The laws in the United States may not be as protective of your privacy as those in your location. By using the Site or Services, you are agreeing to the collection, use, transfer, and disclosure of your Personal Information and communications will be governed by the applicable laws in the United States.
We will respect "do not track" signals from your device. However, certain functionality on the Website will not work unless cookies are enabled.
We are headquartered in the United States. Your Personal Information may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or service providers who are located worldwide. If you are visiting the Website from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated. By using the Website, you consent to any transfer of this information.
We will protect the privacy and security of Personal Information according to this privacy statement, regardless of where it is processed or stored, however you explicitly acknowledge and consent to the fact that Personal Information stored or processed in the United States will be subject to the laws of the United States, including the ability of governments, courts or law enforcement or regulatory agencies of the United States to obtain disclosure of your Personal Information.
Questions or comments regarding this Policy should be submitted to the Vori Health Privacy Officer by mail as follows:
c/o Guidepost Solutions LLC
260 Madison Avenue
New York, NY 10016-2401
Attention: Vori Health Chief Privacy Officer
Or by electronic means at: firstname.lastname@example.org
Effective date: 21 April 2021
Approved by Mary I. O’Connor, MD, Chief Compliance Officer