3. PERSONAL INFORMATION
3.2 If we also collect or generate Protected Health Information (“PHI”) in connection with the Services, your PHI will be treated in accordance with the Health Insurance Portability and Accountability Act (“HIPAA”). Learn more about PHI and HIPAA by reading our Notice of Privacy Practices.
4. TYPES OF PERSONAL INFORMATION WE MAY COLLECT
4.1 The types of Personal Information we collect may include:
(a) identifying information such as name, date of birth and employment details;
(b) identification information for identity verification, which may include your driver’s license;
(c) contact and demographic information such as home address, home and mobile phone numbers and email address, password, marital status, gender and in some cases your work contact details;
(d) health insurance information, including details of your policy or claims;
(e) government-issued identifiers including Medicare numbers;
(f) financial information, such as bank account and credit card details;
(g) information about your general practitioner, including the general practitioner’s name, contact number, facsimile and clinic address.
(h) health information, including:
(i) information about your health and health services provided to you;
(ii) information about your symptoms or diagnosis; specialist reports and test results; prescriptions and other pharmaceutical purchases; your wishes about future health services and appointment and billing details;
(iii) lifestyle, diet, exercise and health related information that you choose to provide us
(i) information about your activities, including sporting and other lifestyle interests;
(j) biometric information and templates, such as voice recognition information and eye-recognition information;
(k) information about your physical movements and performance when using the hardware or equipment associated with our Services
(l) information about your employment and education history and information contained in your resume;
(m) your IP address, device information and location information; and
(n) technical, analytical and behavioral information generated from tracking technologies which may be embedded within certain components of our Services such as:
5. COLLECTING YOUR PERSONAL INFORMATION
5.1 We may collect Personal Information from you in various ways, at various times, and from various sources in connection with our Services, including:
(a) when you open and begin an enrollment form, survey, or other type of intake form;
(b) when you interact with us through third-party accounts, such as Google+, LinkedIn, Facebook and Instagram;
(c) when you contact us in person, by phone, mail, email or online;
(d) when you wear and use our hardware or equipment;
(e) when you make an appointment;
(f) when you use any other component or portion of our Services;
(g) From a third party or other authorized individual who provides us with information on your behalf (e.g., your health care provider);
(h) From our third party service providers who help us to operate, maintain and host the Services; and
6. DISCLOSURE OF YOUR PERSONAL INFORMATION
6.1 We may disclose Personal Information to the following parties:
(a) Our employees, agents, trusted business partners and service providers;
(b) our professional and legal advisors;
(c) potential or actual buyers of our assets or business, such as by means of merger, acquisition or purchase of all or substantially all of the assets of XRHealth, so long as such potential or actual buyer maintains the same privacy terms hereunder;
(d) government, regulatory and law enforcement agencies as required, or as otherwise authorized or permitted by law; and/or
(e) other parties who you explicitly provide your consent to.
7. WHY WE PROCESS YOUR PERSONAL INFORMATION
7.1 We may process your Personal Information for various purposes, such as to:
(a) provide you with the Services;
(b) manage our relationship and communicate with you;
(c) verify your identity;
(d) personalize and enhance your experience while using the Services;
(e) respond to any inquiries or questions you submit to us;
(f) provide you with commercial materials, updates about XRHealth’s developments, new offerings, news regarding the Services and other services/products that may be of an interest to you;
(g) enable payment for our Services through third party payment processors;
(h) send you marketing communications or to advertise to you, e.g., via emails or advertisements on websites and social media platforms to promote and market our Services to you, and keep you informed of special offers or updates. You can opt out of marketing communications at any time by using the unsubscribe information within the message you receive or by reaching out to us using the contact information below;
(i) enable you to use social features on our Services;
(j) to protect the rights, property, or personal safety of XRHealth, its users or the general public and to keep the Services safe and secure to prevent fraud and crime;
(k) for internal operations such as record keeping, database management, data analytics or training;
(l) comply with our legal obligations or enforce our legal rights;
(m) as otherwise required or authorized by law;
(n) use it for statistical, analytical and research purposes and for customization, developing and improvement of our Services; and
(o) to contact you regarding our Services, and so you can let us know your preferences in relation to such contact.
8. CHILDREN’S PRIVACY
8.1 With parental/legal guardian or other appropriate consent, children under the age of 13 may utilize our Services. Please note that in such instances, we do not collect more Personal Information than is necessary to provide children with the Services.
9. SECURITY OF YOUR PERSONAL INFORMATION
9.1 We take reasonable measures to maintain the security and integrity of our Services and prevent unauthorized access or use through generally accepted industry standard technologies and internal procedures. We utilize third parties to assist us in providing the Services who are also bound by contractual and legal privacy protections. In addition, we employ highly secure services design and implementation using state of the art encryption and architecture mechanisms. Furthermore, we implement a secure permission management and auditing system using specific and proprietary firewall and network access filtering as well as security group mechanisms. Please note, however, that there are inherent risks in transmission of information over the Internet or other methods of electronic storage and we cannot guarantee that unauthorized access or use will never occur.
10. HOW WE RETAIN OF YOUR PERSONAL INFORMATION
We seek to keep your Personal Information for only as long as it is required in order to provide you with products and Services or to comply with our business and legal obligations and requirements.
11. YOUR PERSONAL INFORMATION RIGHTS
11.1 Depending on your jurisdiction and what type of user you are, you may have specific rights with respect to your Personal Information. If you are a patient, please consult our Notice of Privacy Practices. If you are not a patient, please contact us using the information below to exercise your personal information rights. It would assist us to ensure we properly understand your request, and allow us to respond more promptly, if requests are made in writing and include as much detail as possible.
12. CLOSING YOUR ACCOUNT
12.1 In the event that you wish to cancel your Services with us, you may do so through your settings or by sending us an e-mail using the contact details below.
13. IF YOU HAVE QUESTIONS OR CONCERNS ABOUT YOUR PERSONAL INFORMATION
13.2 You should put any complaint you have in writing and give as much detail as you can about the nature of your complaint and the information affected.
13.3 The Privacy Officer will manage the investigation of your complaint or concern and will respond to you within a reasonable time frame.
15. XRHEALTH CONTACT DETAILS
Privacy Officer: Sagit Sade Attia
Ph: +1 855-878-4193
© 2020 XRHealth USA INC. ALL RIGHTS RESERVED.