The App is designed to work in conjunction with certain third party products and services, including a third party spirometer (each a “Device”) and intermediary software application (“Intermediary App”). The Device and IntermediaryApp are made available by our third party partners and such third party partners are solely responsible for the Device and Intermediary App, including their privacy and data policies.
Device Data. Your Device collects data to measure and monitor airflow into and out of your lungs, including air intake and exhalation and the speed of your breath (“Device Data”). The data collected may vary depending on yourDevice and the settings you have chosen for your Device, the Intermediary App(such as iSpirometry®), or our App. You may share the Device Data from theIntermediary App to us through our App or our third party messaging provider. You control how you wish to share this DeviceData with us and your Providers. This information may include date and time of usage from your Device and your responses to our follow up questions.
Information that your Providers provide. You understand and agree that the Providers may contact us or you, we may contact them or you, they may share with us or you, and we may share with them or you any information about you that is necessary or useful to enable us to provide theServices that you request of us. Such information may include, among other information, User Health Data and other information described in the Information you provide paragraph above.
Information Automatically Collected; Cookies; Tags. When you access or use the Services, we may collect information about you and your computer or device, including through the use of both session and persistent “cookies,” “pixel tags,” or “web beacons” (collectively, “Tags”). “Cookies” are small data files stored on your hard drive, and “pixel tags” or “web beacons” are small graphic files placed on a website or within the body of an email for the purpose of tracking your internet activity and tracking when emails are opened or accessed. A “session” Tag will not collect information once you close the program used to access the Tag (e.g., a web browser), while a persistent Tag will collect information until it is deleted.
The type of information we automatically collect when you access or use the Services may include the IP (Internet Protocol) address of your computer or device; information about Tags on your computer or device; pages you viewed on the Site; how long you spent accessing each page; how long you used an App; times and dates that you accessed or used the Services; your computer or device type and operating system type; browser type and language; and other information about how you accessed or used the Services.
We also analyze your information and your access and use of the Services in order to improve and customize your experience, including remembering information so you will not have to reenter it. We may also use such information to contact you regarding changes, system maintenance and outage issues, account or membership issues, or otherwise troubleshoot problems related to the Site, Services, or Apps.
We may share with your Providers any information about you that is necessary or useful to enable us to provide the Services that you request of us.
Communications with your Providers. We may share your information with your Providers, including information collected from your Device and which you choose to share with us, including User Health Data, through our App or third party messaging partner. We cannot control how any Provider may use or disclose of the information you may make available through use of the Service.
Improving our Products and Services. We may use your data, including your User Health Data, to improve our algorithms, technology, products and services, including to train our software and to gain greater understanding of the factors involved in controlling and monitoring asthma and lung health. For these purposes, we will anonymize or de-identify your User Health Data in a way that complies with HIPAA requirements so that such User Health Data is not identifiable or linkable to you.
Service providers. We will disclose your information to our service providers that assist with the Site, Services, or Apps. For example, we may use a third party messaging service to gather additional information about your symptoms based on information collected by the Device. We contractually require our service providers not to use or share your information for purposes other than as needed to provide the applicable services.
Marketing Communications. We may in the future distribute a newsletter or other marketing or promotional communications to information our user about promotions, upcoming events, and other news about products and services offered by us and our selected partners. Prior to sending you any such newsletter or other marketing communications, we will obtain your consent. Thereafter, our marketing emails will tell you how to “opt-out.” If you opt out, we may still send you non-marketing emails, including emails about purchase confirmations, invoices, technical notices, security alerts, and support and administrative messages.
Corporate events. If we become involved in a merger, acquisition, or any form of sale of some or all of our assets, your information may be included in the assets sold or transferred to the acquirer. You agree that we may transfer or assign the information we have collected about you in connection with any such event. In the event of a bankruptcy, insolvency, reorganization, receivership or assignment for the benefit of creditors, we may not be able to control how your personal information is treated, transferred, or used.
California requires operators of websites or similar services to make certain disclosures to users who reside in California regarding their rights, specifically:
Shine the Light. For clarity, we will not trade, rent, share or sell your Personal Information to third parties unless you ask or authorize us to do so. However, if we disclose Personal Information that is primarily used for personal, family, or household purposes of a California user to a third party for said third party’s direct marketing purposes, we will identify such third party along with the type of personal data disclosed, upon your request. For further clarification, please refer to the “Contact Us” section below. UnderCalifornia law, businesses are only required to respond to a user’s request once during any calendar year.
Do-Not-Track. Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing on the Internet. California law requires that we disclose to users how we treat do-not-track requests. TheInternet industry has not yet agreed on a definition of what “Do Not Track”means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. We do not track our users movements across the web, nor have we developed features that would recognize or respond to browser initiated Do Not Track signals in response to California law.
You may update, change, or correct your personal information through the App, the Services or by contacting us at firstname.lastname@example.org. We will update your account, membership, or information as requested, provided, that we may decline to update information if we determine the request to be impractical (for instance, requests concerning information residing on backup tapes or other historical data) or to be inconsistent with our data retention practices (described above). In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
Social media sites. We may have pages or other presence on various social networking sites or services, such as Facebook, Twitter, and the like. Any information you post or provide through such sites and services will be subject to the policies of those sites and services.
Disclaimer and release. We cannot control how any Providers, or third parties might use or disclose your information, so be sure that you trust them and that you are comfortable with the information that may be shared with them. You are responsible for designating your Providers and for keeping your list of Providers current, so please add, remove, or modify relevant information about Providers as such information changes.
The Site, Services, and Apps are not intended for use by minors under the age of 13, unless through a parent or guardian. If we learn that a child under the age of 13 has provided us with personal information without parental consent, we will promptly take reasonable and appropriate actions to remove such user and delete any personal information from our servers.
In certain situations, we are a "Business Associate," as defined by HIPAA (the federal Health Insurance Portability and Accountability act) of certain “covered entities”, and have certain federal, state and contractual restrictions as to how we can use your "protected health information" (PHI), including with respect to the Providers. In other situations, we are required by federal and state data protection laws to protect the confidentiality of your Personally Identifiable Information (PII). When acting as a Business Associate, we may only use or disclose your PHI and PII as required by law or, in the case of PHI, as permitted by the Business Associate Agreements (BAAs) we have with our customers including Providers. Please be aware that when you give others access to your data (including PHI and PII), they may be able to use, reproduce, distribute, display, transmit, and/or communicate that data to others and the public. Please consider carefully what you choose to share or make public. We shall not have any responsibility for access, use or disclosure of your data by people you authorized to have access to your user account. If you are using theService in coordination with your Providers or as part of a research study, you are granting access to your health information (including PHI and PII) to theProviders and study personnel. You expressly consent to the access and disclosures outlined in this section.
In the absence of such business associate agreement or provider agreement, you understand and agree that your information is not protected under HIPAA. However, we will take reasonable security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of your information. However, we cannot guarantee your information will be absolutely secure or that unauthorized persons will not access or use your personal information for improper purposes. In the event of a breach of security affecting the personal information that you or Providers have provided to us, or the personal information that we have collected, we will take remedial actions as required by applicable laws, which might include providing you notice of such breach. You agree that we may send you such notices via the Site, Services, Apps, email, or mail.