We gather various types of Personal Information from our users, as explained in more detail below, and we use this Personal Information internally in connection with our Services, including to personalize, provide, and improve our services, to allow you to set up a user account and profile, to contact you and allow other users to contact you, to fulfill your requests for certain services, and to analyze how you use the Services. In certain cases, we may also share some Personal Information with third parties, but only as described below.
We do not knowingly collect or solicit personal information directly from anyone under the age of 18 or knowingly allow such persons to register for the Services; however, Obeo Health may collect certain personal information about children from their Parents who are registered Members of the Services. If you are under 18, please do not attempt to register for the Services or send any information about yourself to us, including your name, address, telephone number, or email address. No one under age 18 may provide any personal information on their own behalf to us or on the Services. In the event that we learn that we have collected personal information from a child under age 18 (and not from a Parent on that child’s behalf), we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 18 that was not supplied by that child’s Parent, please contact us at email@example.com.
What information does Obeo Health collect?
Information you provide to us.
We receive and store any information you provide to us. For example, we collect Personal Information and Children’s Personal Information such as your or your child’s name, health information (including without limitation diagnosis, medications, treatments, allergies, procedures, and other sensitive medical information), email address, physical location, birthdate, gender and other demographic information. You can choose not to provide us with certain information, but then you may not be able to register with us or to take advantage of some of our features. We may anonymize your Personal Information or Children’s Personal Information, so that you cannot be individually identified, and provide that information to our partners.
Our privacy practices are intended to comply with the Health Insurance Portability and Accountability Act (“HIPAA”). We will maintain the privacy of your health information as required by HIPAA and the regulations promulgated under that Act. Health information we collect about you may include medical records, age, gender, health background, health status, prescribed or over-the-counter medications, Authorized Provider notes and diagnosis, medical ID numbers, laboratory test results and insurance information.
Information collected automatically. Obeo Health collects and stores the Internet Protocol (IP) address of the computer you are using; the name of the domain and host from which you access the Internet; the browser software you use and your operating system; the date and time you access the service; and the Internet address of the website from which you directly linked to Obeo Health. Obeo Health uses this log file information to analyze trends, administer the service, and monitor service traffic and usage patterns for internal security purposes and to help make the Obeo Health service more useful.
We may use this data to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often Members use a particular feature of the Services, and we can use that knowledge to make the Services interesting to as many Members as possible. We may also provide this aggregate information to our partners; our partners may use such information to understand how often and in what ways people use our Service, so that they, too, can provide you with an optimal experience. We never disclose aggregate information to a partner in a manner that would identify you personally.
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support “Do Not Track” requests at this time, which means that we collect information about your online activity both while you are using the Services and after you leave our Services.
Information requests. If you wish to request more information about Obeo Health prior to registering, you are required to provide contact information (for example, name and email address). It is optional for you to provide additional contact information (for example, health plan and physician). This information will be used by Obeo Health to contact you about our services.
Email and other communications. We may contact you, by email or other means; for example, we may communicate with you about your use of the Service. Also, we may receive a confirmation when you open an email from us. This confirmation helps us make emails more interesting and improve our service. If you do not want to receive email or other mail from us, please indicate your preference by sending an email to firstname.lastname@example.org. Please note that if you do not want to receive legal notices from us, those legal notices will still govern your use of the Service, and you are responsible for reviewing such legal notices for changes.
Will Obeo Health share any of the Personal Information it receives?
We neither rent nor sell your Personal Information or Children’s Personal Information in personally identifiable form to anyone. We share your Personal Information or Children’s Personal Information in personally identifiable form with third parties as described below.
Compliance with laws. Obeo Health will not disclose personal information (contact, health and/or billing) to third parties other than as provided for in this Privacy Statement, except when required to do so by law or you have otherwise consented to additional use or disclosure of the information.
Business partners. Obeo Health may work with business partners in making our services available to consumers. It is our policy to require companies with whom we do business to support the same privacy policies we do. When you sign up for these services, we will share information only as necessary for the third party to provide related services or assist us in providing our services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.
Third parties. If you use Obeo Health to link to another website, you may decide to disclose personal information at that website. For example, you might provide your contact information to obtain an information packet from an organization. Please be aware that in contacting that site, or in providing information on that site, that third party may obtain personal information about you. This Privacy Statement does not apply when you leave Obeo Health and go to a third party website from Obeo Health. We structure the Obeo Health service so that no personal or health information goes in the search string or URL when you move from the Obeo Health service to a linked website. We encourage you to be aware when you leave our service and to read the privacy statements of each and every site that collects personally identifiable information.
Additional use and disclosure of your information: In addition to the uses and disclosures of information outlined above, your information may also be used and disclosed as follows:
- Supply certain claims data in order to facilitate and coordinate your receipt of certain insurance benefits.
- Survey you to evaluate and improve the Obeo Health service.
- Communicate back to you about customer service issues.
- Update you on service and Obeo Health benefits.
- Use your provider and/or insurance plan information to customize your experience, or to show your health plan or its TPA logo on Obeo Health web pages.
De-identified information: On occasion, Obeo Health may make arrangements with certain customers or business partners to share certain pattern information in order to assist such customers or business partners in evaluating patterns, utilization, usage trends, etc. Obeo Health may also share such information with you or other users of our service. This type of information may be based in part on information related to you, but does not allow for the personal identification of any individual (in other words, it is “patient de-identified”). This information will not be used by the customer or business partner for marketing and/or any other purpose.
- Obeo Health removes your identity from your personal information (contact, health and/or financial) and may work with it as anonymous (“de-identified”) information.
- De-identified individual information is information about a user presented in a form where information about one anonymous user would be indistinguishable from information relating to other anonymous users (“a 40 year old female”). De-identified individual information is not in a form that allows anyone studying the information to personally identify any user.
- Aggregate information is information that describes the habits, usage patterns and/or demographics of users as a group but does not reveal the identity of particular users. Your anonymous data is combined with the anonymous data of other Obeo Health users and becomes statistics. We might use aggregate information within Obeo Health to understand the needs of the Obeo Health community of users and determine what kinds of programs and services we can offer to you. Obeo Health could use this anonymous information to give potential users or business partners a picture of the Obeo Health community and services. Aggregate information may be provided or sold to third parties. Absolutely no personal identifying information is included in the aggregate reports; each individual remains anonymous.
Business transfers. Also, if we (or substantially all of our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information and Children’s Personal Information would be one of the assets transferred to or acquired by a third party.
With your consent. Except as set forth above, you will be notified when your Personal Information or Children’s Personal Information may be shared with third parties, and will be able to prevent the sharing of this information.
Is Personal Information about me secure?
If you register with the Service, your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information or Children’s Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
We endeavor to protect the privacy of your account and other Personal Information and Children’s Personal Information we hold in our records, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
All communication between you and the Obeo Health server is secured by using SSL version 3.0, which uses 128-bit encryption. Obeo Health takes commercially reasonable measures to secure your data on our servers. The data center we use is both physically and electronically secured. Our internet servers are protected on the internet behind a firewall which is a hardware and software system that blocks access by unauthorized parties.
How does Obeo Health store and maintain information?
Obeo Health will store and maintain Personal Information (as defined below) and Contact information in accordance with the requirements agreed to by Obeo Health and your health plan or its TPA, unless you notify Obeo Health by contacting us at email@example.com, that either (i) you wish to have all or a portion of your Personal Information Purged (as defined below) from Obeo Health’s system; or (ii) you wish to have Obeo Health retain all or a portion of such information. For more information on the specific requirements that Obeo Health and your health plan or its TPA agreed we would follow, you may contact us at (650) 689-5026 or at firstname.lastname@example.org or you may contact your health plan or its TPA. Personal Information shall mean your sensitive personal information, including but not limited to social security numbers, account numbers, protected health information (PHI), claim data, financial data, date of birth, prescription-related information, and passwords, but shall exclude Contact Data. Contact Data shall mean your name and email address and electronic communications between you and Obeo Health (such as ask Obeo Health inquiries and emails). Obeo Health shall not sell or disclose Contact Data to any unrelated third party other than disclosures to you and your health plan or its TPA or as may be required in connection with our business operations.
What choices do I have?
You may be able to add, update, or delete information as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your account by notifying us at email@example.com. Please note that some information may remain in our private records after your deletion of such information from your account. We may use any aggregated data derived from or incorporating your Personal Information or Children’s Personal Information after you update or delete it, but not in a manner that would identify you personally.
Questions or Concerns?
If you have any questions or concerns regarding our privacy policies, please send us a detailed message to firstname.lastname@example.org. We will make every effort to resolve your concerns.
Effective Date: October 1, 2014