Updated May 25, 2018
Your Privacy Rights
Visible Health may be the Controller or Processor of your personal data provided to us by you or collected by us from you during your use of the website and/or applications, as outlined below. If you use the Visible Health service, you consent to this policy and the use/sharing of your personal data as described herein. You have the choice to opt-out of sharing your data, as described below, and control how we use and share your data.
Information Collected and Received
Visible Health may collect or receive personal information about you, including, but not limited to, user name, password, first and last name, email address, street address, gender, occupation, and interests. You can choose what information you want to share with Visible Health, however if you chose to withhold any personal data requested by us, it may not be possible for you to gain access to certain parts of the Visible Health website and/or application. We collect personal information from you at several different points, including but not limited to the following:
- when we correspond with you as a customer or prospective customer;
- when you visit the Site;
- when you register as an end-user of our Service and an account is created for you;
- when you provide information, such as survey information;
- when you contact us for help; and
- when the Site sends us error reports or application analytics data.
Visible Health does not require you to include sensitive information (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships, genetic data, biometric data, data concerning health or data concerning sexual orientation). In the event that you provide such sensitive information as listed above you acknowledge that you have provided Visible Health explicit consent to receive such information.
Lawful Basis for Processing
We will only collect and process your personal data where we have lawful basis. Our lawful basis include consent (where you have given it), where processing is necessary for the performance of a contract with you, and for the purposes of our legitimate interests or the legitimate interests of our third parties, provided that such interest does not outweigh your rights and freedoms. Examples of legitimate interest include but are not limited to: (i) complying with applicable law, (ii) protecting against security or other threats, (iii) administration of our business interests, including improvements and enhancements of our business, and (iv) customer relationship issues.
Your Rights: Access, Correction, Deletion
We retain the personal data that you provide to us when you registered with the Visible Health website and/or application or any other information that you volunteered while using the website and/or application for (i) as long as your account is active or (ii) otherwise for a limited period of time as long as we need to fulfill the purposes for which we have initially collected it, unless otherwise required by law. We retain any information provided as described in the Uses of Information below.
You have the right to request access to the information that Visible Health has on you. You can do this by contacting us at firstname.lastname@example.org. In order to comply with your request, we may have to verify your identity. If you believe that the information that we have about you is incorrect, you are able to contact us at email@example.com with the change request. Any data that is no longer needed for the purposes specific below will be deleted. You have the right to request the deletion of any personal data that we have on you. If you wish to do so, please contact us at firstname.lastname@example.org. Note that Visible Health may not be able to delete any depersonalized data on you.
How We Use Your Information
Visible Health may use personal information that we collect about you to:
- deliver the products and services that you have requested;
- manage your customer relationship and provide you with customer support;
- perform analysis about your use of the website and/or application;
- communicate with you by e-mail, postal mail, telephone and/or mobile devices about products or services that may be of interest to you;
- enforce our terms and conditions and other agreements between Visible Health and you;
- manage our business;
- respond to investigation, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, or as otherwise required by law; and
- perform functions as otherwise described to you at the time of collection.
How We Share Your Information
(a) Personally Identifiable Information. Visible Health will never sell your email address or any other personally identifiable information, to any third party without your permission. We may store personally identifiable information in locations outside the direct control of Visible Health (for example, on servers or databases co-located with hosting providers). Any personally identifiable information you elect to make publicly available on our websites and/or applications (such as posting comments, reviewing items, etc.) will be available to others. Except as described in this Section, we will not disclose your personally identifiable information to any third party except consultants working on our behalf, without notifying you of our intent to share the information and giving you an opportunity to prevent your information from being shared. From time to time, we may partner with companies based on the interests of our users. These partner companies will never see your email address or any other information that could identify you or be used to contact you directly.
(b) Non-Personally Identifiable Information. The Visible Health site registration form may require users to give Visible Health contact information (such as your name and email address) and demographic information (such as your zip code, age, or income level). Visible Health uses your contact information from the registration form to send you information about Visible Health and promotional material from some of Visible Health’s partners. Your contact information may also be used to contact you when necessary. Visible Health may use demographic and/or profile data to tailor your experience on the Visible Health website and/or applications, show you content that Visible Health thinks you may be interested in, and display content according to your preferences. The demographic and profile data will be shared with third parties ONLY on an aggregate basis. Furthermore, Visible Health shall have the right to retain records of all data pertaining to use of the website and applications including, but not limited to, usage, activity logs, and click-throughs. Visible Health may disclose such data to third parties provided it is grouped with other Visible Health users’ data and is presented in an aggregate form.
(c) We May Be Required to Share Your Information. Visible Health reserves the right to disclose information when required by law, such as by a subpoena or other legal proceedings. Visible Health may also disclose your information if we reasonably believe it necessary to (i) comply with requests of law enforcement or other applicable law; (ii) to enforce any agreement between you and us; (iii) to protect the security and integrity of our site, applications, or services; and/or (iv) to protect us, our users or others.
(d) What Happens in the Event of a Change of Control: We may be involved with an acquisition or divestiture of our business, products or services. Information we maintain including names and email addresses, and other information related to the Visible Health service may be sold or transferred in connection with such transaction. We may also sell, assign or otherwise transfer such information in connection with a sale of all or substantially all of our business or assets. You will be notified via email and/or a notice on our site of any applicable change in ownership or uses of your information.
(e) Behavioral Targeting / Re-Targeting. We allow advertisers to display advertising on our sites and applications. Our advertisers may use technology such as cookies to gather information about your activities on multiple sites in order to provide you advertising based upon your activities and interests. The only way to opt out of the collection of any information through cookies or other tracking technology is through the settings in your browser or mobile device. Please review your browser or mobile device information for instructions on how to delete and disable cookies, and other tracking/recording tools (to learn more about cookies, clear gifs/web beacons and related technologies, you may wish to visit http://www.allaboutcookies.org and/or the Network Advertising Initiative’s online resources, at http://www.networkadvertising.org). If you access the Visible Health service, websites and/or applications on your mobile device, you may not be able to control tracking technologies through the settings. For more information, see the Cookies Section below.
(f) Testimonials. We may also disclose, on an anonymous basis, statements made by our users. However, with your consent, we may post your testimonial along with your name. If at any point you wish to update or delete your testimonial, please contact us at email@example.com.
How We Store and Process Your Information
The information collected by Visible Health may be processed and/or stored in the United States, European Union Member Nations, Canada, or any other country in which Visible Health or its affiliates or service providers maintain operations. Visible Health may transfer information that we collect, including personally identifiable information, to affiliated entities, or to other third parties across borders and from your country or jurisdiction of domicile to other countries or jurisdictions. If you are located in the European Union or other regions with laws restricting transferring of data, please note that we will comply with laws applicable to us.
We want to make you aware that pursuant to the EU Data Protection Laws, Visible Health shall act as a Processor or Subprocessor, and not a Controller with respect to any personal information collected on behalf of our customers. If you are a customer who uses our services and you collect personal information on citizens within the European Economic Area, we ask that you contact firstname.lastname@example.org to request a Data Processing Addendum (“DPA”). This DPA implements the GDPR’s Article 28 terms for processors and also incorporates the European Commission’s Standard Contractual Clauses (processors) of 2010 (also known as “model processor clauses” or “SCC 2010”) to facilitate the lawful transfer of Personal Data from the EU to outside of the EU, where necessary and as required.
How We Protect Your Information
Visible Health is concerned with protecting your privacy and data, and therefore we use industry-standard technologies when transferring and receiving consumer data exchanged between Visible Health and other companies to help ensure its security. This site has security measures in place designed to protect the loss, misuse and alteration of the information under Visible Health’s control. Visible Health’s servers are backed up regularly and protected by security systems. However, we cannot ensure or guarantee the security of any information you transmit to us or guarantee that your information on the Visible Health service may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards. If you have any questions about security on our website and/or application, you can contact us at email@example.com. We may use an outside help platform, and a credit card processing company to bill you if you purchase services. These companies do not retain, share, store or use personally identifiable information for any other purposes.
Global Positioning System
Global Positioning System (GPS) tracking technology may need to be enabled in Visible Health products and services in order to determine the location (latitude and longitude) of users of the Visible Health products and services. You acknowledge and consent to the use of this technology. You have the right to reject the use of this technology by contacting firstname.lastname@example.org, however note that this technology and its applicable information is used in conjunction with Visible Health’ applications and therefore some elements of the Visible Health’ website and/or application may not be accessible to you. This information is transmitted to Visible Health, Visible Health’s users, and temporarily stored by Visible Health. Visible Health does not provide this information to any other third party.
Visible Health may create links to other web sites. Visible Health will make a reasonable effort to link only to sites that meet similar standards for maintaining each individual’s right to privacy. However, many other sites that are not associated or authorized by Visible Health may have links leading to our site. Visible Health cannot control these links and Visible Health is not responsible for any content appearing on these sites.
We do not knowingly collect any information from anyone who we know to be under the age of 13. If you are under the age of 18, you should use this website only with the involvement of a parent or guardian and should not submit any personal information to us. If we discover that a person under the age of 13 has provided us with any personal information, we will use commercially reasonable efforts to delete such person’s personal information from all Visible Health systems.
Your California Privacy Rights
Visible Health does not currently respond to browser “Do Not Track” (DNT) signals or other mechanisms. Third parties may collect personal information about your online activities over time and across sites when you visit the website and/or application. If you are a California resident, California Civil Code Section 1798.83 permits you to request certain information regarding our disclosure of personal information to third parties for the third parties’ direct marketing purposes. To make such a request, please contact us by sending an e-mail to email@example.com.
Our website and/or application are not intendent to appeal to minors. However, if you are a California resident under the age of 18, and a registered user of our website and/or application, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted. To make such a request, please send an e-mail with a detailed description of the specific content or information to firstname.lastname@example.org. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
Under California law, California residents who have an established business relationship with us may opt-out of our disclosing personal information about them to third parties for their marketing purposes International Transfer of your Personal Information
The website and/or application is hosted and operated entirely in the United States and is subject to United States law. Any personal information that we collect from you is currently stored and processed in the United States. If you are accessing the website and/or application outside of the U.S., you need to understand that by accessing our website and/or application, you consent to the transfer of your personal information to the United States. Please be advised that United States law may not offer the same privacy protections as the law in your jurisdiction. European Union or Swiss individuals may refer to the Privacy Shield statement below with regard to the transfer of their personal data. Amendments
Successors and Assigns
The Visible Health site provides users the opportunity to opt-out of receiving communications from Visible Health, except transactional correspondence. To opt-out of receiving our communications, you can (i) send email to email@example.com; or (ii) send postal mail to: Escalation Point, Inc., dba Visible Health, 2110 South Lamar, Suite I, Austin, Texas 78704, (iii) use the appropriate settings in the end user application.
Privacy Shield Statement
Escalation Point, Inc., dba Visible Health (the “Company,” “we,” or “us”) complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework, as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.
A). Definitions “Personal Data” means information that (1) is transferred from the EU/EEA or Switzerland to the United States; (2) is recorded in any form; (3) is about or pertains to a specific individual; and (4) can be linked to that individual. “Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.
B). Principles We may receive Personal Data from parties located in the EU/EEA or Switzerland. Such information may contain names, addresses, email addresses and may be about customers, employees of customers, business partners, consultants, employees, and candidates for employment. Whenever we collect Personal Data from individuals, we comply with the Principles:
- Notice. We shall inform an individual of the purpose for which we collect and use their Personal Data and the types of third parties to which our Company discloses or may disclose that Personal Data. Our Company shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to our Company, or as soon as practicable thereafter, and in any event before our Company uses or discloses the Personal Data for a purpose other than for which it was originally collected. Our Company may be required to disclose Personal Data in response to lawful request by public authorities, including to meet national security or law enforcement requirements.
- Choice. We will offer individuals the opportunity to choose (opt out) whether their Personal Data is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, our Company will give individuals the opportunity to affirmatively or explicitly (opt in) consent to the disclosure of the information to a third party or for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Our Company shall treat Sensitive Personal Information received from an individual the same as the individual would treat and identify it as Sensitive Personal Information. Agents, technology vendors and/or contractors of our Company may have access to an individual’s Personal Data on a need to know basis for the purpose of performing services on our behalf or providing or enabling elements of the services. All such agents, technology vendors and contractors who have access to such information are required to keep the information confidential and not use it for any other purpose than to carry out the services they are performing for us or as otherwise required by law.
- Accountability for Onward Transfer. Prior to disclosing Personal Data to a third party, we shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. Our Company shall ensure that any third party to which Personal Data may be disclosed subscribes to the Principles or is subject to laws providing the same level of privacy protection as is required by the Principles and agrees in writing to provide an adequate level of privacy protection. Our Company may be held responsible in cases of onward transfers to third parties.
- Data Security. We shall take reasonable steps to protect the Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. Our Company has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Personal Data from loss, misuse, unauthorized access or disclosure, alteration or destruction. However, our Company cannot guarantee the security of Personal Data on or transmitted via the Internet.
- Data Integrity and Purpose Limitation. We shall only process Personal Data in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, our Company shall take reasonable steps to ensure that Personal Data is accurate, complete, current and reliable for its intended use.
- Access and Recourse. We acknowledge the individual’s right to access their Personal Data. We shall allow an individual access to their Personal Data and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.
- Enforcement and Liability. The Federal Trade Commission has jurisdiction over our Company’s compliance with the Privacy Shield Frameworks. In compliance with the Privacy Shield Principles, our Company commits to resolve complaints about our collection or use of your personal information. EU or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact our Company at: Escalation Point, Inc., dba Visible Health 2110 South Lamar, Suite I Austin, Texas 78704
Escalation Point, Inc., dba Visible Health has committed to refer unresolved privacy complaints under the Privacy Shield Principles to the EU Data Protection Authorities or the Swiss Federal Data Protection and Information Commissioner (FDPIC). Please note that if your complaint is not resolved through any of the above channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.