Information We Collect
We may collect the following types of information:
Information you provide — When you sign up for the Service, we ask you for some basic personal information. This includes personally identifying information such as your name, mobile device identification and number, email address and home zip code. Some of this information will be retrieved and saved on our systems and may include a user token or other persistent identifier. Through use of the Service, you may provide additional information for use, handling and posting by Company in connection with the provision and maintenance of the Service, including information about your upcoming medical procedure or surgery or after-surgery recovery program, which may include voice recordings or other audio or video material. You may also provide certain personal information of your Authorized Individuals in order to allow them to access your account through the Service.
Information your Authorized Individuals or Authorized Provider provides – If you have designated any Authorized Individuals to access and use the Service on your behalf, your Authorized Users may provide us information. If you use the Service to connect and correspond with an Authorized Provider, such Authorized Provider may provide information through the Service.
Tags — When you use the Service, we may send use tags to track your use of the Service on your mobile device. We use the information provided by such tags to connect you with the relevant information on your surgical procedure and customize your experience and to improve the quality of our Service, including for tracking user trends, such as how people use our Service.
Automatically collected Information; Log information — When you access the Service, our servers automatically record certain information. These server logs may include information such as your information request, your interaction with the functions available through the Service, the date and time of your request and one or more unique identifiers so we can identify your device, including device type, operating system and device ID. We do not share your personal information as linked with your IP address or device ID with third parties.
User communications — When you send email or other communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our services. We may use your email address to communicate with you about our services.
How We Use and Share Information
We will also analyze your information and use of the Service in order to improve and customize your experience, including remembering information so you will not have to re-enter it and provide access to your data. We may also use such information to contact you regarding Service changes, system maintenance and outage issues, account issues or otherwise troubleshoot problems.
Information you provide in your interactions with the Service – Please do not post personal information of anyone else without their permission. If you or any Authorized Individual or Authorized Provider provides information in the form of a voice recording or other audio or video material, you agree that we will treat such recording, audio or video as your personal information provided however that you agree that any non-personally identifiable content therein may be used by us in connection with the Service and as otherwise permitted herein.
Service Providers – We will disclose information to our service providers that work on our behalf or with us to fulfill your information requests and to provide the Service. We do not permit these providers to use your information other than as necessary to provide the services to us.
With Permission – If we use your personal information in a manner different than the purpose for which it was collected or other than as disclosed in this policy, then we will ask for your consent prior to such use.
Aggregate and Non-personally Identifiable Information – Company may use non-identifiable anonymous data that is based on our users’ use of the Service, including your use and based on the Personal Information you provide and combine it with other anonymous data to create what is referred to as "Aggregate Data" that may be disclosed to third parties. Aggregate Data is information that describes the habits, usage patterns and/or demographics of users as a group but does not reveal the identity of particular users. For example, Aggregate Data may provide information on the types of procedures for which patients may require additional reminders or tasks, or as to the features of the Service that are most used or visited by different demographic groups. Aggregate Data may be used to determine such things as user demographics and usage patterns for our services. Company may use Aggregate Data within Company to understand the needs of the Manage My Surgery community of users and determine what kinds of programs and services we can offer, including improvements and new products. We may also share Aggregate Data with third parties.
Except as set forth herein, we will not provide your personally identifiable information to any such unaffiliated parties for marketing or other purposes without your consent.
Request for Personal Information
End users can request a download of their Manage My Surgery information by sending an email to firstname.lastname@example.org from the email id used for account signup. We will respond within 7 days of the request to facilitate a download of the information after verification of authenticity of the request. Additionally, end users can also log in to the app and submit request to download their data.
If we become involved in a merger, acquisition, or any form of sale of some or all of our assets, your information may be included in the assets sold or transferred to the acquirer. You hereby agree that we may transfer or assign the information we have collected from you in connection with any such event. In the event of a bankruptcy, insolvency, reorganization, receivership or assignment for the benefit of creditors, we may not be able to control how your personal information is treated, transferred or used.
We will take reasonable security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. However, we cannot guarantee its absolute security or that unauthorized persons will not access or use your personal information for improper purposes. In the event of a breach of security affecting personal information or data on our servers, we will take such notification and other steps as may be required under applicable law. You hereby agree that we may send you notices through the Service or via email.
Accessing and updating personal information
You may update, change or correct your personal information through the Service. We will update your account and information as requested, provided, that we may decline to update information if we determine it to be impractical (for instance, requests concerning information residing on backup tapes or other historical data). In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
Social Media Sites
We may have pages or other presence on various social networking sites or services, such as Facebook, Twitter and the like. Any information you post or provide through such sites and services will be subject to the policies of those sites and services.
Location of Servers
Information of Children
The Service is not intended for use by minors under the age of eighteen (18), unless through an Authorized Individual Representative. If we learn that a child under the age of 18 has provided us with personal information without verifiable parental consent, we will promptly take reasonable and appropriate actions to remove such user and delete any personal information from our servers. If you believe we might have any information from or about a child under 18 which was not obtained with verifiable parental consent, please contact us at email@example.com.
We do not track or collect personal data about your online activities once you close the Application or Service.
Some of our users may be "covered entities" as defined in and for the purposes of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and the Health Information Technology for Economic and Clinical Health of 2009 ("HITECH") and the regulations adopted thereunder (collectively and as may be amended "Health Privacy Laws"). If we store, process or transmit individually identifiable health information (as defined under the Health Privacy Laws) on behalf of a covered entity, we may do so as "business associate" and as set forth in a separate business associate or provider agreement. In such cases, Company is obligated to treat the individually identifiable health information in accordance with the applicable Health Privacy Laws.
If you are not a covered entity and you are registering for the Service for your own personal use and not in connection with a covered entity (e.g., a hospital or physician/physician practice), you understand and agree that Company is not a healthcare provider or other "covered entity" for the purposes of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and that Personal Information provided by you to Company or through the Service will not be subject to HIPAA requirements or deemed Protected Health Information for such purposes provided, however, if you are registering for the Service in connection with health care services to be provided by a covered entity, as a business associate of such covered entity, Company is obligated to treat any individually identifiable health information provided by you to Company or through the Service (and any other individually identifiable health information created, received, maintained, or transmitted by Company on behalf of a covered entity) in accordance with the applicable Health Privacy Laws.
Data Protection Officer (DPO)
Ver. No. 2.5
Last modified: March 4, 2021