Obeo Health Privacy Policy

We at Obeo Health (“Obeo,” “we,” “us,” “our”) know that our Members (“you,” “your”) care about how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn more about our Privacy Policy. By using the Services in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent that we will collect, use, and share your information in the following ways. Remember that your use of Obeo Health’s Service is at all times subject to the Terms of Use (www.obeohealth.com/termsofuse.html), which incorporates this Privacy Policy. Any capitalized terms used herein without definition shall have the meaning given to them in the Terms of Use, available at www.obeohealth.com/termsofuse.html.

What does this Privacy Policy cover?

This Privacy Policy covers our treatment of personally identifiable information (“Personal Information”) that we gather when you are accessing or using our Services, but not to the practices of companies we don’t own or control, or people that we don’t manage.

We gather various types of Personal Information from our users, as explained in more detail below, and we use this Personal Information internally in connection with our Services, including to personalize, provide, and improve our services, to allow you to set up a user account and profile, to contact you and allow other users to contact you, to fulfill your requests for certain services, and to analyze how you use the Services. In certain cases, we may also share some Personal Information with third parties, but only as described below.

We do not knowingly collect or solicit personal information directly from anyone under the age of 18 or knowingly allow such persons to register for the Services; however, Obeo Health may collect certain personal information about children from their Parents who are registered Members of the Services. If you are under 18, please do not attempt to register for the Services or send any information about yourself to us, including your name, address, telephone number, or email address. No one under age 18 may provide any personal information on their own behalf to us or on the Services. In the event that we learn that we have collected personal information from a child under age 18 (and not from a Parent on that child’s behalf), we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 18 that was not supplied by that child’s Parent, please contact us at privacy@obeohealth.com.

Our treatment of children’s personal information collected from Parents is covered by this Privacy Policy. Hereinafter, references to “Personal Information” shall apply to personal information of individual website users who are 18 or older, while “Children’s Personal Information” shall only apply to personal information about children under 18 that has been provided to us by Parents or third parties through the Service. General references to “information” shall apply to information collected from any Member, about any Member (including about children under 18). Any references to “you” throughout this Privacy Policy shall apply to a Member who is 18 or over. Again, we do not collect or solicit any Children’s Personal Information directly from children under 18, and we do not allow such children to register as Members of our Services.

Will Obeo Health ever change this Privacy Policy?

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well, but we will alert you to changes by placing a notice on our website, by sending you an email, and/or by some other means. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is collected.

What information does Obeo Health collect?

We gather various types of information from our Members, as explained below more fully. We may use this Personal Information and Children’s Personal Information to personalize and improve our services, to allow our Members to set up a Member account and profile, to contact Members, to fulfill your requests for certain services, to analyze how Members utilize the Service, and as otherwise set forth in this Privacy Policy. We may share certain types of Personal Information and Children’s Personal Information with third parties (described in this Section and below). We collect the following types of information:

Information you provide to us.
We receive and store any information you provide to us. For example, we collect Personal Information and Children’s Personal Information such as your or your child’s name, health information (including without limitation diagnosis, medications, treatments, allergies, procedures, and other sensitive medical information), email address, physical location, birthdate, gender and other demographic information. You can choose not to provide us with certain information, but then you may not be able to register with us or to take advantage of some of our features. We may anonymize your Personal Information or Children’s Personal Information, so that you cannot be individually identified, and provide that information to our partners.

Our privacy practices are intended to comply with the Health Insurance Portability and Accountability Act (“HIPAA”). We will maintain the privacy of your health information as required by HIPAA and the regulations promulgated under that Act. Health information we collect about you may include medical records, age, gender, health background, health status, prescribed or over-the-counter medications, Authorized Provider notes and diagnosis, medical ID numbers, laboratory test results and insurance information.

Information collected automatically. Obeo Health collects and stores the Internet Protocol (IP) address of the computer you are using; the name of the domain and host from which you access the Internet; the browser software you use and your operating system; the date and time you access the service; and the Internet address of the website from which you directly linked to Obeo Health. Obeo Health uses this log file information to analyze trends, administer the service, and monitor service traffic and usage patterns for internal security purposes and to help make the Obeo Health service more useful.

We may use this data to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often Members use a particular feature of the Services, and we can use that knowledge to make the Services interesting to as many Members as possible. We may also provide this aggregate information to our partners; our partners may use such information to understand how often and in what ways people use our Service, so that they, too, can provide you with an optimal experience. We never disclose aggregate information to a partner in a manner that would identify you personally.

If you click on a link to a third party website or service, a third party may also transmit cookies to you. Again, this Privacy Policy does not cover the use of cookies by any third parties, and we aren’t responsible for their privacy policies and practices. Please be aware that cookies placed by third parties may continue to track your activities online even after you have left our Services, and those third parties may not honor “Do Not Track” requests you have set using your browser or device.

Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support “Do Not Track” requests at this time, which means that we collect information about your online activity both while you are using the Services and after you leave our Services.

Information requests. If you wish to request more information about Obeo Health prior to registering, you are required to provide contact information (for example, name and email address). It is optional for you to provide additional contact information (for example, health plan and physician). This information will be used by Obeo Health to contact you about our services.

Pre-registration. You may be pre-registered for Obeo Health by your health plan or its third party administrator (“TPA”). The pre-registration process requires the collection of contact information about you (for example, name and email address). Your health plan may provide (or may have its TPA provide) additional information based on its information which we collect. This information will be used by Obeo Health to set up your Obeo Health account. In order to complete registration to use Obeo Health, you will be asked to agree to Obeo Health’s Terms of Use. You may request not to receive information from Obeo Health at any time.

Email and other communications. We may contact you, by email or other means; for example, we may communicate with you about your use of the Service. Also, we may receive a confirmation when you open an email from us. This confirmation helps us make emails more interesting and improve our service. If you do not want to receive email or other mail from us, please indicate your preference by sending an email to privacy@obeohealth.com. Please note that if you do not want to receive legal notices from us, those legal notices will still govern your use of the Service, and you are responsible for reviewing such legal notices for changes.

Will Obeo Health share any of the Personal Information it receives?

We neither rent nor sell your Personal Information or Children’s Personal Information in personally identifiable form to anyone. We share your Personal Information or Children’s Personal Information in personally identifiable form with third parties as described below.

Compliance with laws. Obeo Health will not disclose personal information (contact, health and/or billing) to third parties other than as provided for in this Privacy Statement, except when required to do so by law or you have otherwise consented to additional use or disclosure of the information.

Business partners. Obeo Health may work with business partners in making our services available to consumers. It is our policy to require companies with whom we do business to support the same privacy policies we do. When you sign up for these services, we will share information only as necessary for the third party to provide related services or assist us in providing our services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.

Third parties.  If you use Obeo Health to link to another website, you may decide to disclose personal information at that website. For example, you might provide your contact information to obtain an information packet from an organization. Please be aware that in contacting that site, or in providing information on that site, that third party may obtain personal information about you. This Privacy Statement does not apply when you leave Obeo Health and go to a third party website from Obeo Health. We structure the Obeo Health service so that no personal or health information goes in the search string or URL when you move from the Obeo Health service to a linked website. We encourage you to be aware when you leave our service and to read the privacy statements of each and every site that collects personally identifiable information.

Additional use and disclosure of your information: In addition to the uses and disclosures of information outlined above, your information may also be used and disclosed as follows:

  • Supply certain claims data in order to facilitate and coordinate your receipt of certain insurance benefits.
  • Survey you to evaluate and improve the Obeo Health service.
  • Communicate back to you about customer service issues.
  • Update you on service and Obeo Health benefits.
  • Use your provider and/or insurance plan information to customize your experience, or to show your health plan or its TPA logo on Obeo Health web pages.

De-identified information: On occasion, Obeo Health may make arrangements with certain customers or business partners to share certain pattern information in order to assist such customers or business partners in evaluating patterns, utilization, usage trends, etc. Obeo Health may also share such information with you or other users of our service. This type of information may be based in part on information related to you, but does not allow for the personal identification of any individual (in other words, it is “patient de-identified”). This information will not be used by the customer or business partner for marketing and/or any other purpose.

  • Obeo Health removes your identity from your personal information (contact, health and/or financial) and may work with it as anonymous (“de-identified”) information.
  • De-identified individual information is information about a user presented in a form where information about one anonymous user would be indistinguishable from information relating to other anonymous users (“a 40 year old female”). De-identified individual information is not in a form that allows anyone studying the information to personally identify any user.
  • Aggregate information is information that describes the habits, usage patterns and/or demographics of users as a group but does not reveal the identity of particular users. Your anonymous data is combined with the anonymous data of other Obeo Health users and becomes statistics. We might use aggregate information within Obeo Health to understand the needs of the Obeo Health community of users and determine what kinds of programs and services we can offer to you. Obeo Health could use this anonymous information to give potential users or business partners a picture of the Obeo Health community and services. Aggregate information may be provided or sold to third parties. Absolutely no personal identifying information is included in the aggregate reports; each individual remains anonymous.
  • Locator information is your name, electronic messaging address, physical address, and/or other data that enables someone to personally identify you. Obeo Health and your Internet Access Provider may use Locator information as is necessary to enforce any of the terms of the Obeo Health Terms of Use.

Business transfers. Also, if we (or substantially all of our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information and Children’s Personal Information would be one of the assets transferred to or acquired by a third party.

With your consent. Except as set forth above, you will be notified when your Personal Information or Children’s Personal Information may be shared with third parties, and will be able to prevent the sharing of this information.

Is Personal Information about me secure?

If you register with the Service, your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information or Children’s Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

We endeavor to protect the privacy of your account and other Personal Information and Children’s Personal Information we hold in our records, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.

The Service may contain links to other sites. We are not responsible for the privacy policies and/or practices on other sites. When following a link to another site you should read that site’s privacy policy.

All communication between you and the Obeo Health server is secured by using SSL version 3.0, which uses 128-bit encryption. Obeo Health takes commercially reasonable measures to secure your data on our servers. The data center we use is both physically and electronically secured. Our internet servers are protected on the internet behind a firewall which is a hardware and software system that blocks access by unauthorized parties.

How does Obeo Health store and maintain information?

Obeo Health will store and maintain Personal Information (as defined below) and Contact information in accordance with the requirements agreed to by Obeo Health and your health plan or its TPA, unless you notify Obeo Health by contacting us at privacy@obeohealth.com, that either (i) you wish to have all or a portion of your Personal Information Purged (as defined below) from Obeo Health’s system; or (ii) you wish to have Obeo Health retain all or a portion of such information. For more information on the specific requirements that Obeo Health and your health plan or its TPA agreed we would follow, you may contact us at (650) 689-5026 or at privacy@obeohealth.com or you may contact your health plan or its TPA. Personal Information shall mean your sensitive personal information, including but not limited to social security numbers, account numbers, protected health information (PHI), claim data, financial data, date of birth, prescription-related information, and passwords, but shall exclude Contact Data. Contact Data shall mean your name and email address and electronic communications between you and Obeo Health (such as ask Obeo Health inquiries and emails). Obeo Health shall not sell or disclose Contact Data to any unrelated third party other than disclosures to you and your health plan or its TPA or as may be required in connection with our business operations.

What choices do I have?

You may be able to add, update, or delete information as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your account by notifying us at privacy@obeohealth.com. Please note that some information may remain in our private records after your deletion of such information from your account. We may use any aggregated data derived from or incorporating your Personal Information or Children’s Personal Information after you update or delete it, but not in a manner that would identify you personally.

Questions or Concerns?

If you have any questions or concerns regarding our privacy policies, please send us a detailed message to privacy@obeohealth.com. We will make every effort to resolve your concerns.

Effective Date: October 1, 2014