Information Collection and Use
References in this document to “MEDEFY” refer to the owners of MEDEFY’S Licensed Products, their affiliates, officers, directors, employees, agents, and representatives (collectively, “MEDEFY”).
1) Information Gathered by MEDEFY
2) Access to Health Data
MEDEFY will not use any information gained from the use of the User’s personal health information for any advertising or similar services.
MEDEFY will not disclose any information gained from the use of the User’s personal health information to any third parties.
MEDEFY will not sell any information gained from the use of the User’s personal health information to any third parties, such as advertising platforms, data brokers, information resellers, or research institutions.
MEDEFY will not use any information gained from the use of the User’s personal health information for applications, services, or features designed to collect or combine user data for human subjects research, or any other similar research overseen by an Institutional Review Board or Ethics Committee unless prior written consent is given.
MEDEFY will not use any information gained from the use of the User’s personal health information for any purpose or in any manner involving Protected Health Information, as defined by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”) unless prior written consent is given.
MEDEFY will only be allowed access to the User’s daily step count information once the User has given the app permission.
MEDEFY will only access the Users’ daily step count information for the purpose of calculating and determining if Users have met their goals.
Users may revoke MEDEFY’S permission to access their step count data at any time.
3) Collection Of Information By Third-Parties
Some of our site(s) and service(s) contain links to other sites whose information practices may be different than ours. Visitors should consult the other sites’ privacy policies as we have no control over information that is submitted to, or collected by, these third parties (see the section below entitled “Links”).
Additionally, despite all of MEDEFY’s best efforts, there is always a risk that third parties may unlawfully intercept transmissions of information (see “Disclaimer” at the end of this Notice). This reality is true of all Internet use. As a result, we cannot 100% ensure the security of any information transmitted to MEDEFY via the Internet.
4) Information Gathered During Registration
In order to use MEDEFY’s website, Users may be asked to first complete a log-in registration form. During registration Users who register may be required to give their contact information (such as name, ID number, etc.). MEDEFY uses the information collected from Users during the registration process to provide secured access to the Licensed Product. Users may have their IP addresses (unique network identifying numbers) recorded in order to prevent fraud or misuse.
5) Log Files
We use IP addresses to analyze trends, administer the site, track Users’ movement, prevent unauthorized tampering with our services, and gather broad demographic information on aggregate usage patterns. IP addresses are not generally linked to personally identifiable information, although they may be recorded in transaction log files to aid in security auditing. Log files include IP address, domain name, pages visited, access times, browser type, referring pages, and other information that is contained within a normal web page request.
6) External Website Links from www.Medefy.com
MEDEFY takes special care to protect Users’ information. When Users submit sensitive personally identifiable information via our website, this information is protected both online and off-line.
When our order form asks Users to enter sensitive information, that information is encrypted and is protected with the best encryption software in the industry – – currently, Secure Sockets Layer (SSL), authenticated with a digital certificate. Users will see an indication that the page the User is visiting is deemed secure when a lock-shaped icon appears on a secure page (such as our order form) at the bottom of popular Web browsers; this icon will appear “locked” (as opposed to an “unlocked” icon that appears when you access non-secure pages).
We compartmentalize and quarantine our employee data and billing data, and keep them separate from one another which thereby increases protection. Only employees who need the information to perform a specific authorized task (for example, billing or customer service) are granted access to personally-identifiable information. All employees are kept up-to-date on our security and privacy practices. Every quarter, as well as any time new policies are added, our employees are notified and reminded of the importance that MEDEFY places on privacy, and what they can do to continue to ensure that our customers’ information remains protected. Finally, our servers (within which personally identifiable information, including PHI, is stored) are kept in a secure, monitored facility.
If a Customer or User has any questions about the security of our online services and our website, the Customer or User can contact tech support at email@example.com.
8) Site and Billing Announcements
We may also periodically send site and billing announcements to our Customers. Customers will be unable to un-subscribe from these announcements, as they contain important information concerning our service or the User’s account. We must be able to communicate with the User to provide requested services and in regards to issues relating to their account via e-mail or the web. These announcements will be limited in content to information concerning our services, or the User’s account, and they will not contain any promotional or marketing material.
Both current and prospective Users may sign up to receive our monthly newsletter. At the time at which Users subscribe for the service, and included in every month’s newsletter, is a link to an automated “unsubscribe” system. We will not sell or release our newsletter mailing list to any other party for any reason.
10) Correcting / Updating Personal Information
If a User’s personally-identifiable information changes (such as their zip code), or if a User no longer desires to use our service, we will utilize an updating system to incorporate and act upon the User’s personal data provided to us. This can be performed at our User Account editor page, or by notifying our customer support personnel at firstname.lastname@example.org.
11) Customers’ Data and E-mail Lists
In the course of providing services, MEDEFY may receive data from customers, or to be sent to its customers, including but not limited to questions, response data, and e-mail lists for invitations. MEDEFY will not use specific questions or e-mail addresses for purposes other than for providing service to the customer. Specifically, we do not use or sell e-mail addresses to which invitations have been sent using MEDEFY’s e-mail invitation system. Please note, however, that MEDEFY does use aggregate information regarding questions, responses, and e-mails to learn about and improve how our service works. For example, we may measure the response rates to e-mail invitations, or how the position of a question on a page affects its response rate, but we will not use specific questions, responses, or e-mail addresses without your permission.
13) Notification of Changes
While MEDEFY agrees to maintain certain security measures to protect User information, MEDEFY cannot be responsible for the release of User information caused by hacking or another User’s tampering with the MEDEFY website. Users assume the risk that any information that they have submitted, however secure, may be illegally misappropriated by others. MEDEFY agrees to fully cooperate with law enforcement to protect and retrieve any information that may be illegally misappropriated by others.
15) Questions or Complaints