Wildflower Health, Inc.
2. Information We Collect
- Personal Information Generally. When you access the Services, we will ask you to provide us with certain information that personally identifies you, or the individual for whom you are using this Application, or could be used to personally identify you or the individual for whom you are using this Application, or that you provide to create profiles for additional users who you intend to invite (“users”) to use your Application (“Personal Information”). Personal Information about you, or others, or your users may include: (i) contact data (such as name, e-mail address and phone number); (ii) demographic data (such as gender, date of birth and zip code); (iii) insurance data (such as insurance carrier, insurance plan, member ID, group ID and payer ID); (iv) medical data (such as the doctors, dentists, pharmacies or other healthcare specialists, professionals, providers, or organizations (collectively, “Healthcare Providers”) visited, reasons for visit, medical history, and other medical and health information you choose to share with us); and (v) other identifying information that you choose to provide to us, including without limitation unique identifiers such as passwords. You may still access and use some of the Services if you choose not to provide us with any Personal Information, but features of the Services that require your and your users’ Personal Information may not be accessible to you.
- Traffic Data. We also may automatically collect certain data when you use the Services, such as (i) IP address; (ii) type of device(s) used to access the Services; (iii) web browser(s) used to access the Services; and (iv) other statistics and information associated with the interaction between your browser or device and the Services (collectively “Traffic Data”).
- HIPAA and PHI. We may create, collect, receive, maintain or transmit information between you and us that is considered protected health information as defined under the Health Insurance Portability and Accountability Act of 1996 as amended from time to time including Sections 13400 through 13424 of the Health Information Technology for Economic Clinical Health Act and the corresponding Standards for Privacy of Individually Identifiable Health Information, Security Standards and Notification in Case of Breach of Unsecured Protected Health Information (collectively, (“HIPAA”). HIPAA defines such information as “PHI”. You can learn more about HIPAA at http://www.hhs.gov/ocr/privacy/. We will only use and disclose such PHI as permitted under HIPAA.
3. How We Collect Information
- We collect information (including Personal Information and Traffic Data) when you use and interact with the Services, and in some cases from third party sources. Such means of collection include:
- When you voluntarily provide information in free-form text boxes through the Services or through responses to email, signup forms, contact forms, registration forms, surveys, questionnaires and the like;
- If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices; and
- Through application analytics services and other tracking technology (collectively, “Tracking Tools”) used to gather usage statistics to better make future product decisions.
4. Use and Disclosure of Personal Information
Wildflower Health may keep track of the screens, views, and actions that our users take when they use the Services in order to determine what Wildflower Health services are the most popular. This data is used to deliver customized content within the Application to users whose behavior indicates that they are interested in a particular subject area.
In addition, we also use information, including Personal Information, to provide the Services and to help improve the Services. Such use may include:
- Providing you with the products, services and information you request;
- Contacting you when necessary or requested, including to remind you of an upcoming appointment;
- Using statistical information that we may collect as permitted by law, including from third parties in connection with their commercial and marketing efforts; and
- Fulfilling our legally required obligations, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
5. Disclosure of Personal Information
In certain circumstances, and in order to perform the Services, we may disclose certain information that we collect from you:
- We may share your Personal Information with Healthcare Providers with whom you choose to schedule through the Services.
- Provided that you choose to use the applicable Services, we may share your Personal Information with your Healthcare Providers.
- If you are accessing this Application as a benefit provided by your insurance provider and/or employer, we may share your Personal Information and Traffic Data with the insurance provider and/or the employer you identify to us (and via our partners) to determine eligibility and cost-sharing obligations, to monitor usage of the Application, and otherwise obtain benefit plan information on your behalf.
In addition, we may also disclose your Personal Information to the extent necessary or appropriate, and in compliance with HIPAA, to government agencies, advisors and other third parties in order to comply with applicable laws, the service of legal process, or if we reasonably believe such action is necessary to: (i) respond to a court order or request from a federal or state regulatory authority or to comply with any law or regulation requiring such disclosure; (ii) protect and defend the rights or property of Wildflower Health; (iii) prevent or aid in the investigation of a crime or protect national security; or (iv) act under exigent circumstances to protect the personal safety of users of Wildflower Health or the public).
We may also disclose your Personal Information in connection with an audit of our books and records, a merger, reorganization, dissolution, liquidation, or sale of some or all of our assets, stock or business.
When we create, collect, receive, maintain or transmit PHI we do so under “business associate” agreements with our “covered entity” clients that require us to comply with HIPAA in doing so.
We do not sell, rent or lease our customer lists to third parties.
6. Security of Information Collected
- No sharing of information with other phone applications. The information collected by the phone application on the users’ behalf is for their benefit only. No cookies or shared resources are used that make any user information accessible by other unauthorized applications, websites, or resources.
- Aggregate usage information. Various information regarding the usage of the application aggregated across users is collected, such as: screens visited, number of times screens are accessed, number of registrations, time spent on a screen, etc. This information is collected so Parties can understand and improve how the app is used and does not contain information that can identify individual users and may be securely shared between Parties.
- User level information sharing. All information gathered in the phone application is encrypted for secure storage and encrypted if and when transported over the network. We may share personally identifiable Personal Information, Traffic Data, usage information, or other information you provide to the Application with CLIENTNAME, but all sharing will be done in an encrypted and secure fashion.
Wildflower Health secures your Personal Information from unauthorized access, use or disclosure through physical, administrative and reasonable technological measures. Although we will use reasonable efforts to safeguard the privacy of your Personal Information, transmissions over the Internet cannot be made absolutely secure. Wildflower Health assumes no responsibility or liability for disclosure of any of your Personal Information due to errors in transmission, unauthorized third-party access or other causes beyond our reasonable control.
You have the right, at any time, to review and/or modify any of your personal information that you provided during registration, or any other voluntarily provided information. We respect your privacy and give you an opportunity to opt-out of receiving announcements of certain information. Users may opt-out of receiving any or all communications from Wildflower Health by contacting us at firstname.lastname@example.org. To protect your confidentiality, we can only send a requested profile to the email address listed in the profile. In any event, for legal compliance purposes, we may retain information about you in a legal archive until such time as we no longer have legal obligations for such information. Our back-up files will maintain copies of your personal information until we complete normal operational overwriting of such files, but no longer than 90 days from the date your information was removed from our primary files pursuant to your request. We reserve the right to contact former users from time to time.
7. Public Information
You agree that any information that you may reveal in a review posting or online discussion or forum is intentionally open to the public and is not in any way private. What you have written may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict.
8. Children Under Thirteen
Wildflower Health does not knowingly collect Personal Information from children under the age of 13. If you are under the age of 13, you must ask your parent or guardian for permission to use the Services. If we become aware that a user under the age of 13 has registered or is attempting to register, we will notify the user that the user is not eligible for registration. We will then expunge any related Personal Information from our records.
If you are a parent or legal guardian of a minor child, you may use the Services on behalf of such minor child. Any information that you provide while using the Services on behalf of your minor child will be treated as Personal Information as described herein.
9. Changes to this Policy
10. Security Breach and Identity Theft
The Services rely on the Internet and mobile networks, which are not always secure. We work hard to protect Wildflower Health and our users from data breaches, but we cannot assure that the use of the Services are secure. Whenever we collect sensitive information (such as personal health data), that information is encrypted and transmitted to us in a secure way. We also protect your information offline. Only employees or contractors who need information to perform a specific task are granted access to Personal Information. The cloud in which we store Personal Information is maintained in a secure environment. In the event we become aware of a security incident, we will notify you as required under applicable law.
Wildflower Health will not, at any time, request credit card information, login information, or any identification numbers in a non-secure or unsolicited email or telephone communication. You can learn more about how to prevent identity theft at www.ftc.gov.
11. Residents of the European Union
The information collected by Parties or their affiliates in providing the Services may constitute “personal data” under the terms of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 and/or other laws of the EU’s member states.
You have the right to object to certain purposes for processing your personal data. You can exercise these rights by contacting us:
Wildflower Health, Inc.
Attn. Nicole Harper
220 Halleck Street, Suite G100
San Francisco, CA 94129
12. California Privacy Rights
California Civil Code Section 1798.83 permits users of the Services who are California residents to request certain information regarding Wildflower Health’s disclosure of personally identifiable information to third parties for their direct marketing purposes. To make such a request, please write to us at:
Wildflower Health does not serve advertising on the Services.
13. Contact Information
This policy was last updated on April 4, 2019.